1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1plus1.ua/
Effective URL:
https://1plus1.ua/
Submission: On August 16 via api (August 16th 2022, 2:21:43 am UTC) from GB — Scanned from GB

Summary HTTP 325 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 72 IPs in 11 countries across 53 domains to perform 325 HTTP transactions. The main IP is 195.137.240.80, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 463959.
TLS certificate: Issued by R3 on July 12th 2022. Valid for: 3 months.

This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	195.137.240.80 195.137.240.80	29389 (ASN-UNIAN) (ASN-UNIAN)
23	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
60	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1 10	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
1	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
4	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.189.122 13.224.189.122	16509 (AMAZON-02) (AMAZON-02)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
11	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	147.75.198.217 147.75.198.217	54825 (PACKET) (PACKET)
2 10	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:303... 2606:4700:3030::6815:5525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:20e... 2600:9000:20eb:8c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	99.81.70.153 99.81.70.153	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	3.120.120.86 3.120.120.86	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.133.111.12 18.133.111.12	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.225.78.56 13.225.78.56	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.56 18.66.139.56	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	3.8.108.133 3.8.108.133	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
325	72

10 195.137.240.80 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.198.217 (Tokyo, Japan) 1 redirects

ASN54825 (PACKET, US)
PTR: sync-1

sync.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5525 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.70.153 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-70-153.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.120.86 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-120-86.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.111.12 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-111-12.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-56.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.108.133 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-108-133.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	1plus1.ua 1 redirects 1plus1.ua — Cisco Umbrella Rank: 463959 images.1plus1.ua assay.1plus1.ua	4 MB
43	1plus1.video 1plus1.video — Cisco Umbrella Rank: 201469 api.1plus1.video — Cisco Umbrella Rank: 234708 images.1plus1.video — Cisco Umbrella Rank: 666056	1 MB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	420 KB
30	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 ad.doubleclick.net — Cisco Umbrella Rank: 214	231 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 22303 ad4m.at — Cisco Umbrella Rank: 2303 assets.ad4m.at — Cisco Umbrella Rank: 34366	459 KB
14	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	4 KB
12	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 53429 ls.hit.gemius.pl — Cisco Umbrella Rank: 12163	63 KB
11	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9488 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	10 KB
11	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5312 ghb.adtelligent.com — Cisco Umbrella Rank: 5331 sync.adtelligent.com — Cisco Umbrella Rank: 4266 ghb1.adtelligent.com — Cisco Umbrella Rank: 7003	150 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	553 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 528	9 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 448 Failed	335 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	59 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	201 KB
5	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 41533 inv-nets.admixer.net — Cisco Umbrella Rank: 2584	85 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	228 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8117 www.google.de — Cisco Umbrella Rank: 5596	2 KB
4	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 94078	4 KB
4	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 350159 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 333404	20 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 54408	52 KB
3	criteo.net pix.eu.criteo.net — Cisco Umbrella Rank: 7159 static.criteo.net — Cisco Umbrella Rank: 627	101 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	793 B
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 792	845 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803	68 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 14571	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 39481	1009 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 110895 static-de.ad4mat.net — Cisco Umbrella Rank: 152918	4 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	794 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 4170	791 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7423	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518	166 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100 graph.facebook.com — Cisco Umbrella Rank: 130	901 B
2	pubwise.io 1 redirects sync.pubwise.io — Cisco Umbrella Rank: 8124	342 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8094	509 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	616 B
1	webgains.team cdn.track.production.webgains.team	85 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 41780	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 46722	1 KB
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 18179	696 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 74614	518 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	17 KB
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921	172 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 924	75 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 704	442 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1237	31 KB
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 26346	582 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4534	524 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 238	1 KB
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 39791	2 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951	171 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	641 B
325	53

	Domain	Requested by
40	images.1plus1.ua	1plus1.ua
20	images.1plus1.video	1plus1.ua
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
14	api.1plus1.video	1plus1.ua api.1plus1.video 1plus1.video client imasdk.googleapis.com
14	pagead2.googlesyndication.com	1plus1.ua pagead2.googlesyndication.com tpc.googlesyndication.com c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com www.googletagservices.com
11	cm.g.doubleclick.net	1 redirects c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
10	www.google.com	2 redirects api.1plus1.video 1plus1.ua tpc.googlesyndication.com securepubads.g.doubleclick.net c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 1plus1.ua c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
10	gaua.hit.gemius.pl	1 redirects 1plus1.ua gaua.hit.gemius.pl 1plus1.video
10	1plus1.ua	1 redirects 1plus1.ua
9	1plus1.video	1plus1.ua 1plus1.video
8	fastlane.rubiconproject.com	player.adtelligent.com
6	assets.ad4m.at	as.ad4m.at
6	www.gstatic.com	www.google.com c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
6	fonts.googleapis.com	api.1plus1.video c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
5	ghb.adtelligent.com	player.adtelligent.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagservices.com	1plus1.ua c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	www.googletagmanager.com	1plus1.ua 1plus1.video
4	gum.criteo.com	2 redirects static.criteo.net
4	ad4m.at	as.ad4m.at ad4m.at
4	x.bidswitch.net	4 redirects
4	as.ad4m.at	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	fonts.gstatic.com	fonts.googleapis.com
4	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	pa.tns-ua.com	1plus1.ua source.mmi.bemobile.ua pa.tns-ua.com
4	cdn.admixer.net	1plus1.ua cdn.admixer.net
4	player.adtelligent.com	1plus1.ua player.adtelligent.com
3	mug.criteo.com
3	match.adsrvr.org	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
3	onetag-sys.com	1 redirects player.adtelligent.com
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	gcm.ctnsnet.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	pbjs.e-planning.net	1 redirects 1plus1.ua
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	bidder.criteo.com	player.adtelligent.com
2	sync.pubwise.io	1 redirects 1plus1.ua
2	a4p.adpartner.pro	1 redirects player.adtelligent.com
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	connect.facebook.net	1plus1.ua connect.facebook.net
2	assay.1plus1.ua	1plus1.ua
1	id5-sync.com	player.adtelligent.com
1	graph.facebook.com	1plus1.ua
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	s0.2mdn.net	imasdk.googleapis.com
1	pix.eu.criteo.net	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
1	cat.nl.eu.criteo.com	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	1plus1.ua
1	sync.teads.tv	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	prebid.a-mo.net	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	hb-api.omnitagjs.com	player.adtelligent.com
1	ib.adnxs.com	player.adtelligent.com
1	ads.adnuntius.delivery	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	www.google.de	1plus1.ua
1	www.facebook.com	1plus1.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	sync.adtelligent.com	1plus1.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	source.mmi.bemobile.ua	1plus1.ua
1	static.hotjar.com	1plus1.ua
325	85

This site contains links to these domains. Also see Links.

Domain
1plus1.video
www.facebook.com
t.me
instagram.com
poshuk.1plus1.ua
dovgadoba.1plus1.ua
images.1plus1.ua
tsn.ua
plus-plus.tv
2plus2.ua
tet.tv
1plus1.international
bigudi.tv
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital

Subject Issuer	Validity	Valid
1plus1.ua R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2022-07-13` - `2023-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
images.1plus1.ua R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
player.adtelligent.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
assay.1plus1.ua R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-25` - `2022-08-23`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://1plus1.ua/
Frame ID: E1A95ABB331366C77AF605E128DA5211
Requests: 152 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Frame ID: 0AA3791B0AF7D65697BB8DE93D35A191
Requests: 66 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: 750A8DCAD7B32EDBB3E52B2F9E41236A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html
Frame ID: 76BF3601FA9EC423E4F40FF6C92E199D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: E21B9662B8D85C6B3AE20887F59195DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1660616495&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660616495739&bpp=5&bdt=701&idt=175&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3782523039314&frm=20&pv=2&ga_vid=1451509079.1660616496&ga_sid=1660616496&ga_hid=1339046466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31060048%2C31064019&oid=2&pvsid=1079456314554186&tmod=1500385511&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191
Frame ID: B7F4F444AA2302347946CD84EDA76A03
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 48D4FFDFA26242DB0F192300075DFB42
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 1571AE7A6B0FA75279EEE2E0BC4430DB
Requests: 1 HTTP requests in this frame

Frame: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 534E6DC15C84A27B301F90974F194247
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 00BDBD8EF4BA14F22A6A3597FB273040
Requests: 1 HTTP requests in this frame

Frame: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3744F467E6D981ECD51586810A0E2F4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CB11D5F9A2E8BAE0C0F6C900287AF57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF069B6307350C5717E3A64C4CB0D78F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E3D8893FD53D32923234C5AC1A1A0248
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 42C02A2CB22F3B0DC73D932ED13C9AA5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAC7A9A145623A2F126DF198A9FDDCD9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: 8C541B9CAD29D62A1C97BCC2E8BD5412
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste8HRKR9wvYjIN0qfC9Yf-vgPrSpnpGSm7rDpqMwmiK7vCTfrztOoPl61xL_MWtn6CxHMMNRBPphlA9qopalGQ_TbXHt2_hX3ySndHYtvAHzHdOR7qzcaXurWDWnobKOtoR9t2jS5MPMZ7AaByC3LFBPesKWUjI3DDfI9n1XY2LBowYPNbiuN8d__XiAtm-R1REl_gKLlGIP_3lXwjIBknZboZQJ9hp0_lCckkF8GWzFg4YnMPvtPLzSNgXHYj4TdkbM4fdh3jf8WG3PyH7fC6QWvFIDvGSy3j0Jmvn45ipTingCK7Yf9JqFs7QKrEEe7PuCBSKa2yt-6HnF9UecW2&sai=AMfl-YTFHTRveE2i_vfqUY6eZGXzHJRmbebM0i_5jcgm_-2MsDVTUe8IYwg8L-gbQtISpJYlItVy7ewGzE51dsLnmOnw8atL7fn9jkwY7S7IUPnT4LMA341R52K8-D-4YA&sig=Cg0ArKJSzBlliCCpwwHgEAE&uach_m=[UACH]&adurl=
Frame ID: C43C793435051EF7BA1714198510B219
Requests: 8 HTTP requests in this frame

Frame: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C3DD5582491542BF7D5E7E3AE18ADBF
Requests: 17 HTTP requests in this frame

Frame: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9C12EB4A81AD701DBF5DC54282489657
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: D816CD82B1071FB9E910443E78DE7122
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E8C73BE47566496DF6167BE759975CE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C3EEA608B4E2457945DF578CB19426DC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98F81A4170098D730AD67335D7CD5C07
Requests: 5 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 597866862B82366785E1FDE70713A392
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.525.0_uk.html
Frame ID: B7DAB994B3A12B437F4D9D075D109E6E
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 69B0E9487700D105E85C65D223BF7B9E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Frame ID: EC651E0A592036045F27A2401892C241
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua
Frame ID: 83177935092D76958BACDB3903CDFF95
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

325
Requests

91 %
HTTPS

41 %
IPv6

53
Domains

85
Subdomains

72
IPs

11
Countries

8883 kB
Transfer

16003 kB
Size

66
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1plus1.ua/

Search URL Search Domain Scan URL

URL: https://t.me/OnePlusOneChannel

Search URL Search Domain Scan URL

URL: https://instagram.com/1plus1_ua?utm_medium=copy_link

Search URL Search Domain Scan URL

URL: https://poshuk.1plus1.ua/
Title: Знайти своїх

Search URL Search Domain Scan URL

URL: https://dovgadoba.1plus1.ua/
Title: Довга доба

Search URL Search Domain Scan URL

URL: https://1plus1.video/tancy-so-zvezdami/
Title: Всі відео

Search URL Search Domain Scan URL

URL: https://1plus1.video/golos-strany/12-sezon
Title: Голос країни 12 сезон 5 випуск. Вибір наосліп 12 сезон 5 випуск

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4.jpg?v=1645557776

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b.jpg?v=1645529997

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18.jpg?v=1645530032

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a.jpg?v=1645530060

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399.jpg?v=1645530090

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364.jpg?v=1645633328

Search URL Search Domain Scan URL

URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Title: Стародавні традиції гуцулів-сироварів та секрети виробництва карпатських твердих сирів

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: https://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://2plus2.ua/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://bigudi.tv/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/1plus1
Title: ПРО КАНАЛ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: РЕКЛАМА

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: ПРОБЛЕМИ З ПРИЙОМОМ КАНАЛУ 1+1

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: КАР’ЄРА

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb097895-9d49-4d58-97fc-d812cf2fc971

Request Chain 100

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D HTTP 302
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

Request Chain 109

https://gaua.hit.gemius.pl/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8S4QrwvH82e2IO0WEL4rec6Svlm_mD5YFIA4R1w6Nqf.A7H.TSnN9mMQCEggvY3N8V9NZYVr911FAe9HCJSWxmKOHsdv/Vld9MzOxb_A0s/&ltime=270&fpdata=-TURNEDOFF HTTP 301
https://gaua.hit.gemius.pl/__/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8S4QrwvH82e2IO0WEL4rec6Svlm_mD5YFIA4R1w6Nqf.A7H.TSnN9mMQCEggvY3N8V9NZYVr911FAe9HCJSWxmKOHsdv/Vld9MzOxb_A0s/&ltime=270&fpdata=-TURNEDOFF

Request Chain 152

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=e3a50f3c-c85a-46f9-8b84-2b684c202fd4 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=e3a50f3c-c85a-46f9-8b84-2b684c202fd4

Request Chain 213

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO9HEr4SnkoPeYr6QF1dh-k&google_cver=1&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6_PdyJJD0lDb74A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6_PdyJJD0lDb74A

Request Chain 214

https://match.360yield.com/match/ebda?google_gid=CAESEIcZCJux_Putygb8xN5VY6A&google_cver=1&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_ZqZVkj-xIA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIcZCJux_Putygb8xN5VY6A&google_cver=1&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_ZqZVkj-xIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OdNIYvLtQTe41ZoH7Ggj-g&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_ZqZVkj-xIA

Request Chain 216

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGxDxc12Ew1c3mZe4kJQz4c&google_cver=1&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n0qwpI-dhYF7SyEVW7Wi9SRD9doCi0 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGxDxc12Ew1c3mZe4kJQz4c&google_cver=1&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n0qwpI-dhYF7SyEVW7Wi9SRD9doCi0&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aVlCYUxsRTJ1SHpkRndLcEVXWHMuV2RuSnc1RnU0V35B&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n0qwpI-dhYF7SyEVW7Wi9SRD9doCi0

Request Chain 217

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOQxhdkIUNheaAaweVaP9wk&google_cver=1&google_push=AehlK4DBDR8R-oLeBNyu-2JMo4tztkgSuuiawVoFdeXPKmU-WfXL_dAuZEBUGYwZW2l1vyTM1ZS0dvHU0_VuZJZ5vFxoXmF7kofnckw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DBDR8R-oLeBNyu-2JMo4tztkgSuuiawVoFdeXPKmU-WfXL_dAuZEBUGYwZW2l1vyTM1ZS0dvHU0_VuZJZ5vFxoXmF7kofnckw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 267

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYp1JdnHN6kKE0iABEiZ74&google_cver=1&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmUSYE6ZJaDONaONV-_Mug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmUSYE6ZJaDONaONV-_Mug&google_hm=Ax07d69UQCSRo9mXVRjediw

Request Chain 268

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A&google_hm=2_U06uTRRwy1_leSjjzTYQ==

Request Chain 275

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 277

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYp1JdnHN6kKE0iABEiZ74&google_cver=1&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDSkrCjLf0oe29Ct6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDSkrCjLf0oe29Ct6g&google_hm=yh4BCtLvSfCaNW0n5avGbSw

Request Chain 278

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg&google_hm=42IFOW2bTvmT_mJFpFUiMQ==

Request Chain 307

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLeQpcSmyvkCFZHwuwgdq_cEEg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660616499_2904eae0-1d0a-11ed-a34d-22350b028903

Request Chain 312

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=28e5ca20-1d0a-11ed-a34d-22350b028903&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1660616499_28e5ca20-1d0a-11ed-a34d-22350b028903&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 318

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Zmay6HxleGpjQjlTSG5PS2ZwS0lkUlE2ZHIwZTRqeWRVemRMeDlqcTU2WCtTOElabFBGaVF3b1VKUlpBYlBhTmE1c0VxNHFESm1qR0NJZTlLK3UyS0dNbG5ZQUZid081eXhNSnNUQ1V1anZlb0IrSzF1UWZ3dTNOOFZhOG9nSHVIamlEa3ZXYVhzaTNoOHRXTEVBMCt0LzU1TmMxVXhkYmtjWmdHNkplNXlOUEJHNXZwN2swMTdMRTVvMGVDamdZdlZQdkRUMDlwb0FHZ1NYaDZOdXdxTksxTGhvMGFkSW5TaytNQnUvSm1JVXVxTFRRSzJZNVJOTVEyQWYrWVR3SnBSYWJwMXkrYVVDU3lYWjZqajFMZWFCQ3MrUT09fA&cppv=2

Request Chain 325

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EWNMhXxucERmUGZFMlprYWJ6dmh2N0hrZDRQbTZHZ1dwNU9mT05hNmlsMXFKSVgrZ29CTWRYTlVSaTZQZmMyNDZNTnE4bUtWc1VEUVhJeDFPUDNZWnMyQ2tRTkc1NjBIOG8ybGNmdnV1U0ZOM2J1Y3dGQnFwNys0NW03bExUNTdqQS9jazBIOWtzTmVaVzQvd3RDMnFiRUhFZkxQMFQ0a1c5aDlhNllUTE1UaHRQbnZweXlYQVBLdWlLTEo5anZobVJvZ2t4bUIzMnkzY3BybzVPaVdBalVJWEFuTVM4aHZxWEhnSUU1c241SHRsNmI3REx5L2J6UkVhMXQxOWluVnhiK0NZZWwyaE9TOVkwMlhVQURLL2pON1dRQT09fA&cppv=2

325 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1plus1.ua/
Redirect Chain

http://1plus1.ua/
https://1plus1.ua/

270 KB
68 KB

412ms
161ms

Document
text/html

195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c7c271659388528625f91e9dee25d58198b53c57c451ec10140ed28396ae4019

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Aug 2022 02:21:34 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 16 Aug 2022 02:21:34 GMT
Keep-Alive: timeout=15
Location: https://1plus1.ua/
Server: nginx

GET
H/1.1 200
OK desktop.css
1plus1.ua/build/css/ 136 KB
33 KB 159ms
83ms Stylesheet
text/css 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jun 2022 13:34:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK api.0.3.0.js Show response
1plus1.video/static/player/js/ 7 KB
3 KB 347ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/api.0.3.0.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 14:17:47 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 251ms
94ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8594cb2dc9610a76971289bc99a642ef0c8b4fb4746e8c2f65c8f3db5082f3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57467
x-xss-protection: 0
server: cafe
etag: 14218955286494703992
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 02:21:35 GMT

GET
H2 200 eb8f67df47745bdbff7555ffdd16aaa5_1050x960.jpg
images.1plus1.ua/uploads/articles/001/066/183/ 105 KB
106 KB 922ms
657ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/066/183/eb8f67df47745bdbff7555ffdd16aaa5_1050x960.jpg?v=1660287848
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0a3a92c5307798ca9d5ae76a1db018bbffa8cab6a672c82fde508c7c9536c46a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Fri, 12 Aug 2022 07:05:21 GMT
server: nginx
etag: "e7104427eec24d154eec48e26946292f"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 107837
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a28986ebd9efe66d30e6196ccacb4816_1050x960.jpeg
images.1plus1.ua/uploads/articles/001/043/788/ 69 KB
69 KB 430ms
165ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/043/788/a28986ebd9efe66d30e6196ccacb4816_1050x960.jpeg?v=1658391777
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: db594b4f38b5bd46f7a1eebe2eac37f61ed967b5ecd61dcd1ad08e71dfa221fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Thu, 21 Jul 2022 08:22:59 GMT
server: nginx
etag: "dcc0de00a8fb746e77b954b1d75cfb2c"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 70346
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 98df8a264a2de546927ab866752d7016_1050x960.jpg
images.1plus1.ua/uploads/articles/001/052/815/ 121 KB
122 KB 671ms
406ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/052/815/98df8a264a2de546927ab866752d7016_1050x960.jpg?v=1659029187
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5c0c70dc847c4285694bb65e01b295c435620a4c9fef463cf5504ee40d25c821

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Thu, 28 Jul 2022 17:26:27 GMT
server: nginx
etag: "8ed6a76c48e8184dfd872da072e7521d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 124198
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a20644fde4048b2e34739e74bacc9c33_1050x960.png
images.1plus1.ua/uploads/articles/001/050/769/ 1 MB
1 MB 926ms
661ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/050/769/a20644fde4048b2e34739e74bacc9c33_1050x960.png?v=1658919030
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7fa72974d5786f991bf53f9bab1a40a1cbfa90dbcab60743c1fbf31850d0dc70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Wed, 27 Jul 2022 10:50:31 GMT
server: nginx
etag: "ecbd415734ed57872df0b88feeac4c38"
content-type: image/png
cache-control: max-age=315360000
content-length: 1222682
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40830a9c2b9549eaf746b9c565a000c7_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/165/ 6 KB
6 KB 668ms
403ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/165/40830a9c2b9549eaf746b9c565a000c7_210x150.jpg?v=1660553618
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4f7fe4a04340c47cf1fa1364dee49a7300b931943b3b84fedce3444e6e664890

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 08:53:38 GMT
server: nginx
etag: "44f31441968feb51cf4535ff49d7bcea"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 6266
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1202f72cf0e2134b8d0984124b94edf2_210x150.png
images.1plus1.ua/uploads/articles/001/060/546/ 40 KB
40 KB 430ms
165ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/060/546/1202f72cf0e2134b8d0984124b94edf2_210x150.png?v=1659686229
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: c0023c4051ba86e34d4b1cf8ddbc6dc87a3220574b9e8926fcaf677f580ee697

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Fri, 05 Aug 2022 07:57:09 GMT
server: nginx
etag: "f2f06942d495ea14a99e0ecbe33558d8"
content-type: image/png
cache-control: max-age=315360000
content-length: 40717
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 764b171687ae0471836b03bfd7b9dece_210x150.png
images.1plus1.ua/uploads/articles/001/058/107/ 42 KB
43 KB 616ms
406ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/058/107/764b171687ae0471836b03bfd7b9dece_210x150.png?v=1659528512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9e072ca829803dd367110f3c3af587bfa79e09d975ed534a402ef1b337c17a23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Wed, 03 Aug 2022 12:08:32 GMT
server: nginx
etag: "a17928cc6fba9849c95d5d7a3ed29045"
content-type: image/png
cache-control: max-age=315360000
content-length: 43231
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c2b3d2feff7c8125106e4ed10ed8f132_210x150.png
images.1plus1.ua/uploads/articles/001/040/686/ 6 KB
6 KB 544ms
334ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/040/686/c2b3d2feff7c8125106e4ed10ed8f132_210x150.png?v=1658140090
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5b03423b10570e63499ba1bce1661cce400537c6f1202c1e2d750b418227c3a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 18 Jul 2022 10:28:10 GMT
server: nginx
etag: "64faf92119c1d7d60cbcfd0ba56ef731"
content-type: image/png
cache-control: max-age=315360000
content-length: 5939
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c73dda2e59de59dd03f39d35fda79d4a_210x150.jpeg
images.1plus1.ua/uploads/articles/001/055/818/ 8 KB
9 KB 861ms
651ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/055/818/c73dda2e59de59dd03f39d35fda79d4a_210x150.jpeg?v=1659373604
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8d399297a6cd103e21da435aa516732e7601d03c9c6ea3e3fc83b91419c26181

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 01 Aug 2022 17:06:45 GMT
server: nginx
etag: "2e73a23d58016c6fd8628db1c2e1bc70"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8474
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fce80d3c550e056f5e44315f7dd20945.jpg
images.1plus1.ua/uploads/articles/000/693/997/ 1 MB
1 MB 625ms
415ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/693/997/fce80d3c550e056f5e44315f7dd20945.jpg?v=1629045463
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abb8b186d4a9460e5976f8f6bf7d35344cf80526c73e60fbbc2698066b006713

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 15 Aug 2021 16:37:47 GMT
server: nginx
etag: "dad6c18d98b1dddbbf988b0b76721145"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 1299664
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 15 Aug 2022 12:12:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c7d22234dd5dab49e6e521be048fef31_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/891/ 8 KB
8 KB 615ms
405ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/891/c7d22234dd5dab49e6e521be048fef31_210x150.jpg?v=1660565552
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 19efd060fb8e2136420342b8dc60dd738f0dfcffa1704f92a72f902f6748f70a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 12:12:33 GMT
server: nginx
etag: "db569ec357a71e550e96a802137ffc38"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8241
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6349591101db487ac3b3d1bd64928afe_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/066/ 6 KB
6 KB 859ms
650ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/066/6349591101db487ac3b3d1bd64928afe_210x150.jpg?v=1660550014
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: c550f80f041ce40006bbf0bc592219f5cc31f8ecb7d37241c3a7f5c00c204902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 07:53:34 GMT
server: nginx
etag: "7679b19e217a585107b9cff7ffbb2d46"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 6321
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 48c1105ef2d9c8e0b4a5ff5b63251704_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/255/ 5 KB
5 KB 869ms
659ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/255/48c1105ef2d9c8e0b4a5ff5b63251704_210x150.jpg?v=1660555407
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2bb92adfe18053c1a9c970e62deb3c731c64dfb05695362668d5bc5bf95a7bcd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 09:23:28 GMT
server: nginx
etag: "e72c2195a44f857a7c0a23f3956a123e"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4744
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 baa4820a94cc45d19ef1adcaaf1d1293_210x150.jpg
images.1plus1.ua/uploads/articles/001/068/886/ 7 KB
7 KB 857ms
648ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/068/886/baa4820a94cc45d19ef1adcaaf1d1293_210x150.jpg?v=1660496963
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b98dc70933322d9f63a2970ee857ef7a57c1bbf71fea07f9322312b001959ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 14 Aug 2022 17:09:24 GMT
server: nginx
etag: "2071cfb69e74054b9d32c625daae853d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 6872
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 57346603e6f957418050266375fae0e2_210x150.jpg
images.1plus1.ua/uploads/articles/001/070/161/ 5 KB
5 KB 870ms
660ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/070/161/57346603e6f957418050266375fae0e2_210x150.jpg?v=1660573039
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3825b2a1d4dfe040dfd3b7cbcf55cdac3837bf91457f0b5fcb15e5e0923d3f0f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 14:39:15 GMT
server: nginx
etag: "e6983b249d6761109086db4a0f12cf2c"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5367
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60c24b56c86a9fc939dd7d878999e5ef_210x150.jpg
images.1plus1.ua/uploads/articles/001/070/071/ 8 KB
8 KB 864ms
654ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/070/071/60c24b56c86a9fc939dd7d878999e5ef_210x150.jpg?v=1660570391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 978f5fa8b0a82b426c4fd10ce8ea4d9e6729d2892e85116e02f4eeb545e0794e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 13:33:11 GMT
server: nginx
etag: "8d6566dbfeb70248d03333105c73e257"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8298
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aec17b241b465e9ae19ed09890b8f63f_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/981/ 12 KB
12 KB 867ms
657ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/981/aec17b241b465e9ae19ed09890b8f63f_210x150.jpg?v=1660569992
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 61d5810d0ad9f0dce3a4aaec9dc4240f5dfeb7e65659f490a4d7891c03a0bcfd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 13:26:33 GMT
server: nginx
etag: "68a8cad678132b77221aa87b989acad3"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 12391
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a877f3b452d8302c84be0e4699eb7d1e_210x150.jpg
images.1plus1.ua/uploads/articles/001/069/345/ 10 KB
10 KB 863ms
653ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/345/a877f3b452d8302c84be0e4699eb7d1e_210x150.jpg?v=1660556490
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ff87e6c7dc497671879e3b80393ac9fcc1f02bd296773bbf88936bae324e878f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 09:41:31 GMT
server: nginx
etag: "31d5feef10e3f7d46d2822329d41681d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 9744
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
50 KB 184ms
68ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6e598bc78be7182e1eb3692433a25a7fa3706dd0a6b028f48b29bbb9dd952e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50738
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK app.js Show response
1plus1.ua/build/js/ 315 KB
112 KB 85ms
85ms Script
application/javascript 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 11:37:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ 895 B
2 KB 382ms
99ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 77d48e4f45ee4d8312f0297cc2c1aefd9b638f4e75090ba04f9a2e96228c43f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wrapper_hb_298309_4139.js Show response
player.adtelligent.com/prebid/ 787 B
748 B 219ms
56ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19220
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4530df8aee209a327000bc9da93db8a487af0941c3498ce1401f2437be5e6c8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 14:39:34 GMT
server: nginx
etag: W/"62f3c326-313"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 02:21:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 300ms
79ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 08 Jan 2019 00:15:41 GMT
server: nginx
etag: W/"5c33ebad-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 194ms
64ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:08:58 GMT
server: nginx
etag: W/"62e28a6a-2c101"
x-cached-since: 2022-08-16T02:17:31+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 28 Jul 2022 13:20:15 GMT

GET
H2 200 hotjar-1437498.js Show response
static.hotjar.com/c/ 5 KB
3 KB 244ms
54ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

7c7cd8ca0696fad2662a0b9c3f9daf636a943bddfdfc4b789af9fbd08f47eede

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
date: Tue, 16 Aug 2022 02:21:10 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/24cfe0409f5ed2e3ae963a91fa95085a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: s9kPsQZgogCgY_oehWJau_7MFugp97Wl33dgo9S1lgic9UQYSHlXIA==

GET
H/1.1 200
OK dancingStars__slide.jpg
1plus1.ua/build/images/ 33 KB
34 KB 288ms
162ms Image
image/jpeg 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 09 Nov 2021 09:53:25 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34003
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK 1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 96ms
95ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40500
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK 1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 38 KB
39 KB 162ms
162ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39364
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK 1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 178ms
82ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40576
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK 1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 43 KB
43 KB 323ms
161ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43528
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H/1.1 200
OK 1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 38 KB
38 KB 321ms
162ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 38848
Expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 57346603e6f957418050266375fae0e2_770x420.jpg
images.1plus1.ua/uploads/articles/001/070/161/ 26 KB
27 KB 845ms
656ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/070/161/57346603e6f957418050266375fae0e2_770x420.jpg?v=1660573040
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 56aa55141d1f2313d6b6eeebc80695337480d63e84f000eca5f1d5fe9054d8d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 14:42:23 GMT
server: nginx
etag: "c66d3465dc3cf9d3ef344a3671956d4b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 26942
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60c24b56c86a9fc939dd7d878999e5ef_490x1050.jpg
images.1plus1.ua/uploads/articles/001/070/071/ 118 KB
118 KB 847ms
657ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/070/071/60c24b56c86a9fc939dd7d878999e5ef_490x1050.jpg?v=1660570391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e37124c947efd10b06a9586590d150133cd5a17d85d62f5b37edd00d3bae53bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 13:33:11 GMT
server: nginx
etag: "1212fc0ce3ddefe3cf0919cc0f21d89d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 120448
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aec17b241b465e9ae19ed09890b8f63f_770x420.jpg
images.1plus1.ua/uploads/articles/001/069/981/ 69 KB
69 KB 523ms
334ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/981/aec17b241b465e9ae19ed09890b8f63f_770x420.jpg?v=1660569993
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0dc2003f3aa835a39406a88f7f79dae2998de152accf3974efc168bb40839bae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 13:26:33 GMT
server: nginx
etag: "542cfbcc8f68843a4a39ad798eb65aa8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 70159
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c7d22234dd5dab49e6e521be048fef31_770x420.jpg
images.1plus1.ua/uploads/articles/001/069/891/ 41 KB
42 KB 850ms
660ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/069/891/c7d22234dd5dab49e6e521be048fef31_770x420.jpg?v=1660565554
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4805c87d89196eff610a6e6adc224e70b01790e9fc7938b24d54abd4f61ec22b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 15 Aug 2022 12:43:40 GMT
server: nginx
etag: "7869c57c09d3740ee31b805f8c598565"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42445
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 66 KB
67 KB 661ms
659ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 10 May 2022 11:23:34 GMT
server: nginx
etag: "fc7e2658bd1f9868a872f0295e5ecce9"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 67985
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 13 KB
14 KB 661ms
660ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 21 Feb 2022 15:10:07 GMT
server: nginx
etag: "b9d33f76e570821d980e3a7595b7f15a"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13745
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 13 KB
13 KB 653ms
652ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 07 Feb 2022 10:25:12 GMT
server: nginx
etag: "1e490b3e02de4533a0e0d3577347d4e7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13088
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 24 KB
25 KB 655ms
654ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 07 Feb 2022 13:10:49 GMT
server: nginx
etag: "3b63edeebc085c7329eb132a56399239"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25029
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 29 KB
29 KB 659ms
658ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Mon, 07 Feb 2022 09:11:08 GMT
server: nginx
etag: "a679dc9f06348d06073cc07e617ecdc8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 29355
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f8e670099b35be64983f9897f4e6bdb6_140x140.jpg
images.1plus1.ua/uploads/articles/001/037/671/ 5 KB
5 KB 660ms
659ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/037/671/f8e670099b35be64983f9897f4e6bdb6_140x140.jpg?v=1657801679
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Thu, 14 Jul 2022 12:27:59 GMT
server: nginx
etag: "fa8d98c12377f81bc679bc80f4f69816"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4707
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e0986beb47e21ded981cc0f92685e782_140x140.jpg
images.1plus1.ua/uploads/articles/001/029/724/ 5 KB
5 KB 656ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/029/724/e0986beb47e21ded981cc0f92685e782_140x140.jpg?v=1657181867
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Thu, 07 Jul 2022 08:17:48 GMT
server: nginx
etag: "97395a5ea5b286a352afe6c2cef41eef"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5025
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 4 KB
4 KB 645ms
644ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 14:11:56 GMT
server: nginx
etag: "f4a4cdc50a9738d9bf7bef45569acf60"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 3652
accept-ranges: bytes
x-1p1-cdn: HIT; Tue, 16 Aug 2022 01:06:51 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg
images.1plus1.ua/uploads/articles/001/002/739/ 4 KB
4 KB 659ms
658ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/002/739/a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg?v=1654869933
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Fri, 10 Jun 2022 14:05:35 GMT
server: nginx
etag: "e3a43907dfc1cb6010ff91134ac2525e"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4211
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c1216120fafc39242ef9765cdbaf30bc_140x140.jpg
images.1plus1.ua/uploads/articles/000/980/119/ 3 KB
3 KB 659ms
658ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/980/119/c1216120fafc39242ef9765cdbaf30bc_140x140.jpg?v=1653235122
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 22 May 2022 15:58:42 GMT
server: nginx
etag: "f2dccb03f9ca5a5fef8478c1e7099653"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 2844
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0AA3 11 KB
6 KB 120ms
119ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 2136d5fe89f1ccde0114a6424759b3c69f7c57c1139c0ce88f9d01268a5b2e24

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Aug 2022 02:21:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 13 KB
13 KB 573ms
239ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 15 Jun 2021 14:24:39 GMT
server: nginx
etag: "a87fa4df91a2dc0e28d9c245f9b31a56"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 11 KB
12 KB 441ms
215ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 15 Jun 2021 14:24:45 GMT
server: nginx
etag: "2e74435d3edf5310a445de62177853fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11649
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 9 KB
9 KB 445ms
248ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 01 Jun 2021 10:56:33 GMT
server: nginx
etag: "5df517d83b1757de3cf407fdcd55b5a0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9392
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 8 KB
8 KB 403ms
249ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 01 Jun 2021 10:56:41 GMT
server: nginx
etag: "7ea4a7d31c835975e1e8be8db6f4f88c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8104
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 10 KB
10 KB 287ms
169ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 01 Jun 2021 10:56:28 GMT
server: nginx
etag: "c134988e94035ff0ee6cd435dde2c1e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10297
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
images.1plus1.video/card-5/muW5KxO2/ 10 KB
11 KB 276ms
158ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/muW5KxO2/fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 20 Feb 2022 21:21:45 GMT
server: nginx
etag: "a6b9b0f86e53737e95a49a0121b47c63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10570
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
images.1plus1.video/card-5/HaqwM4Sa/ 10 KB
11 KB 232ms
231ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/HaqwM4Sa/c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 13 Feb 2022 21:19:04 GMT
server: nginx
etag: "c7529270a49fbff3fad42166d1225751"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10565
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
images.1plus1.video/card-5/M2VnPLy2/ 10 KB
11 KB 276ms
276ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/M2VnPLy2/74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 06 Feb 2022 20:05:15 GMT
server: nginx
etag: "8f78ca40cd331ce47a33c3003c4c6d7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10557
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 6a4fde5b971645afc15d66c54d158c70.190x105.jpg
images.1plus1.video/card-5/ka5ZKpIR/ 10 KB
11 KB 300ms
300ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ka5ZKpIR/6a4fde5b971645afc15d66c54d158c70.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Sun, 30 Jan 2022 21:38:38 GMT
server: nginx
etag: "818106c2fe1e7dded51af88d14bf7db7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10556
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 592fb9a78ccbb667f473e8861dccdb56.190x105.jpg
images.1plus1.video/card-6/sRNnWo4C/ 10 KB
11 KB 301ms
301ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/sRNnWo4C/592fb9a78ccbb667f473e8861dccdb56.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Fri, 05 Aug 2022 19:03:22 GMT
server: nginx
etag: "a6b9b0f86e53737e95a49a0121b47c63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10570
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 23 Aug 2022 02:21:35 GMT

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 576ms
575ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 35041
accept-ranges: bytes
x-1p1-cdn: HIT; Tue, 16 Aug 2022 01:15:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 577ms
576ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Tue, 16 Aug 2022 01:15:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f151616dfa4225a5765c58f2fe77ae18_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/650/ 42 KB
42 KB 588ms
588ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18_755x500.jpg?v=1645530034
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 11:40:34 GMT
server: nginx
etag: "09e423317519e26fcd0c5fc1a026561b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42603
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b179b1a345011da2f620df40a3fba89a_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/659/ 25 KB
25 KB 578ms
578ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a_755x500.jpg?v=1645530063
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 11:41:03 GMT
server: nginx
etag: "aa2b1236fb5ac10089d752b01f89bdfb"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25695
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 26 KB
26 KB 580ms
580ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Tue, 22 Feb 2022 11:41:33 GMT
server: nginx
etag: "1aa71e70bddf3967c0297a3b71f6dbc7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 26725
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 83ff7b55149114842e5483a7bee20364_755x500.jpg
images.1plus1.ua/uploads/gallery/000/862/984/ 42 KB
43 KB 589ms
589ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364_755x500.jpg?v=1645633339
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
last-modified: Wed, 23 Feb 2022 16:22:20 GMT
server: nginx
etag: "dabe971598e8a3e3683c6a552a2974ba"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 43269
accept-ranges: bytes
x-1p1-cdn: MISS; Tue, 16 Aug 2022 02:21:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 57 KB
15 KB 268ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Tue, 16 Aug 2022 14:21:35 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 304ms
85ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
138 B 309ms
86ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.044764896517074826
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 222ms
70ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8ff2f9c8c431b96699714b654c5f0aa61feb35f247a8a647170b2a47d8074a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pHLjd2Er4nxgWQsG/4cJ5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ITrZnAvamKcXgHdf8TvLdd3gw5NZEKLtAIo9X6H5BniiKAukqLW6U5tAsxwzsIhBzMnws8gvXnVFSy+cueQk4w==
x-fb-trip-id: 720026100
x-fb-content-md5: 58692b559903ed84c468c77b9b940b58
x-frame-options: DENY
date: Tue, 16 Aug 2022 02:21:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d486f6350f280d6af5d56b6c469ac438"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 16 Aug 2022 02:38:07 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0AA3 171 KB
26 KB 161ms
160ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:25 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0AA3 198 KB
69 KB 319ms
159ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:16:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0AA3 106 KB
41 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47727881bc948609e9e54a1582861ee99343b60c620b4d8b76f8b197bdd93281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41782
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 02:21:35 GMT

GET
H2 200 hbw_master_298309_4139.js Show response
player.adtelligent.com/prebidlink/x461282/ 124 KB
31 KB 177ms
176ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19220
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 922aea1ffbd0cd401297921a9b9b4f24027b3076907d61ebb03e06e18e727963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 14:39:34 GMT
server: nginx
etag: W/"62f3c326-1f0ed"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 02:21:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 178ms
61ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65e12985d44f14398aa11d74fac822e2dd0318b5a02aaf3bf914756d653e98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28619
x-xss-protection: 0
server: sffe
etag: "1305 / 371 of 1000 / last-modified: 1660601245"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 182ms
53ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4776
date: Tue, 16 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 03:02:00 GMT

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 214ms
66ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314850
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: g6xCX58p_Y23hpGUC1Zkk3JoKNVEMI8ywisedLLbKJKNxCJ4EEbSLg==

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/48427/ Frame 750A 738 B
519 B 59ms
58ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 16 Aug 2022 02:21:35 GMT
etag: W/"62e28a7b-2e2"
expires: Sat, 29 Jul 2023 13:10:16 GMT
last-modified: Thu, 28 Jul 2022 13:09:15 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:16+00:00
x-id: fr5-up-gc8

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/48427/ 23 KB
8 KB 61ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:13 GMT
server: nginx
etag: W/"62e28a79-5d41"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:16+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:16 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/48427/ 75 KB
20 KB 66ms
66ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:02 GMT
server: nginx
etag: W/"62e28a6e-12c39"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:16+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9111367348737651&plah=1plus1.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ece6c9b1d1c1fa8114b9955322df55bb60c35a2b9ece46af5f3ecac109340c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122760
x-xss-protection: 0
server: cafe
etag: 8166151643679177491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 02:21:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/ Frame 76BF 10 KB
5 KB 183ms
53ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 71620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:27:55 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:27:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ 108 KB
33 KB 255ms
161ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:18:49 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame E21B 2 KB
1 KB 188ms
57ms Document
text/html 13.224.189.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-122.fra2.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2915309
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-id: pveCCUYr1_vStJ5Cu1j1dHMt9_h_L2RK-NNQY10ablWQoJi0LnZw4g==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 84ms
84ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=228320&h=2&m=21&s=35&url=https%3A%2F%2F1plus1.ua%2F&_id=9a2865db329a0183&_idts=1660616496&_idvc=1&_idn=0&_refts=0&_viewts=1660616496&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=243

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 hb_298309_4139.js Show response
player.adtelligent.com/prebidlink/ex19220/ 360 KB
112 KB 69ms
69ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 6903e81927c3f3e28ae08163d84178c351135f4d0853e83f76ce32aa1117905b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:35 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 19:11:06 GMT
server: nginx
etag: W/"62d701ca-5a0ba"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 02:21:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 148 B
413 B 155ms
43ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 47b0f36d04c917e0298fc6b93154020c2091dc5db7210b9db17888230f0541e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 148

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 155ms
44ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=vk6orm.z4&features=16416&vpbv=G077&lifecycle_tte=1395
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
641 B 190ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-9111367348737651

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9111367348737651&plah=1plus1.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

4d569e83f62183eeb0feb40de8c366cc3d1664f246279c6c319c72463b949455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 179ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 191ms
62ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7F4 603 B
248 B 73ms
73ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1660616495&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660616495739&bpp=5&bdt=701&idt=175&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3782523039314&frm=20&pv=2&ga_vid=1451509079.1660616496&ga_sid=1660616496&ga_hid=1339046466&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31060048%2C31064019&oid=2&pvsid=1079456314554186&tmod=1500385511&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:35 GMT
expires: Tue, 16 Aug 2022 02:21:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
415 B 77ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 0d90464ee9b1b63f4d25925a108c27f80ab2f2329d0257bfa5332caac8dbc90c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Thu, 15 Sep 2022 02:21:36 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 48D4 5 KB
3 KB 239ms
77ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 85ed9324626f3a3ef60fd5d14ffc9fa94f572e3aad145af582b3d4b6f4bc6d46

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2712
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:36 GMT
etag: PRIVATE7520710249
expires: Thu, 15 Sep 2022 02:21:36 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 285 B
552 B 44ms
43ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437381
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:35 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 248

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0AA3 898 B
2 KB 95ms
95ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1660616496047
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 0794b9a67a407f7032a86d5b5db6ab1c2ec16d05118d0aa080c6ef7eeab58412

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0AA3 131 KB
48 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ed29ecb64c40cba3d32f44c6e17c3e985b9ea42d824bddcbedbd5a39792dc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49239
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0AA3 49 KB
20 KB 132ms
69ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4776
date: Tue, 16 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 03:02:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb097895-9d49-4d58-97fc-d812cf2fc971

0
404 B

751ms
190ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb097895-9d49-4d58-97fc-d812cf2fc971
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Server: Adtelligent
Etag: 9f5f360b599052b1
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=bb097895-9d49-4d58-97fc-d812cf2fc971
date: Tue, 16 Aug 2022 02:21:36 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2

200

%7Buid%7D
sync.pubwise.io/usersync/adtellsspban/
Redirect Chain

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

43 B
92 B

132ms
131ms

Image
image/gif

147.75.198.217
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 147.75.198.217 Tokyo, Japan, ASN54825 (PACKET, US),
Reverse DNS: sync-1
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
server: nginx

Redirect headers

location: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
date: Tue, 16 Aug 2022 02:21:36 GMT
server: nginx
content-type: text/html

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 84ms
84ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
last-modified: Mon, 02 Jul 2018 17:27:00 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b3a6064-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0AA3 108 KB
33 KB 221ms
159ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1660616496047
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:18:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 172ms
63ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1339046466&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=663817731&gjid=849396695&cid=1451509079.1660616496&tid=UA-22507043-9&_gid=1884303810.1660616496&_r=1&gtm=2wg8f0PWKM5Z&z=780400648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 169ms
64ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1339046466&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=494943291&gjid=1047390082&cid=1451509079.1660616496&tid=UA-113262294-1&_gid=1884303810.1660616496&_r=1&gtm=2wg8f0PWKM5Z&z=846495811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 303 KB
86 KB 144ms
73ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=780cb46144bb92bb993045091e7744b6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

010fc49006208426914e70347c6f84561073cba092232280b8901de805071508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bel3UNF4a8wLmcB8Ktluyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88017
x-fb-rlafr: 0
x-fb-debug: +Ob6ZURbK4rzwHrzubTD1DyUWrAsvS6RJlVF0IgK6sVScwDJLSeB/RchOTbfWSP9LSP+JnVy8vozvkvsu2QU1g==
x-fb-content-md5: 51a9c5612423bff45e128dc2bb8960e5
x-frame-options: DENY
date: Tue, 16 Aug 2022 02:21:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7e1325c18024c686abd0e62839febc0c"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 02:18:07 GMT

GET
H2 200 pubads_impl_2022081101.js Show response
securepubads.g.doubleclick.net/gpt/ 388 KB
133 KB 420ms
54ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135472
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:35:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Aug 2023 01:03:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
742 B 430ms
62ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame 1571 3 KB
1 KB 84ms
84ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Aug 2022 02:21:36 GMT
etag: W/"5b31038d-b5f"
last-modified: Mon, 25 Jun 2018 15:00:29 GMT
server: nginx/1.13.0

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1660616496271/
Redirect Chain

https://gaua.hit.gemius.pl/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://gaua.hit.gemius.pl/__/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

169 B
423 B

183ms
182ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8S4QrwvH82e2IO0WEL4rec6Svlm_mD5YFIA4R1w6Nqf.A7H.TSnN9mMQCEggvY3N8V9NZYVr911FAe9HCJSWxmKOHsdv/Vld9MzOxb_A0s/&ltime=270&fpdata=-TURNEDOFF
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 148a6268f4df5f8b0a298dc702ea68501fed607179676913d080af1525a46405

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 15 Aug 2022 02:21:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1660616496271/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8S4QrwvH82e2IO0WEL4rec6Svlm_mD5YFIA4R1w6Nqf.A7H.TSnN9mMQCEggvY3N8V9NZYVr911FAe9HCJSWxmKOHsdv/Vld9MzOxb_A0s/&ltime=270&fpdata=-TURNEDOFF
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 15 Aug 2022 02:21:36 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ 56 KB
9 KB 386ms
386ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t767030813759
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 925 B
1000 B 180ms
63ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d071426c6d2cbed63eeb1df70d8449cb0a0cba82c11deef4f17d5283a570721a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0AA3 56 KB
9 KB 81ms
81ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t907486506520
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 169ms
56ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22507043-9&cid=1451509079.1660616496&jid=663817731&gjid=849396695&_gid=1884303810.1660616496&_u=YAhAAEAAAAAAAC~&z=1648927726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Aug 2022 02:21:36 GMT
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
131 B 632ms
85ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=BDE9DB9575DD4145A4C8CCFC1B3777FC&time=1660616496171&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=705497297&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
server: nginx/1.16.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
231 B 84ms
84ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=BDE9DB9575DD4145A4C8CCFC1B3777FC&time=1660616496389
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 0AA3 925 B
652 B 167ms
64ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d071426c6d2cbed63eeb1df70d8449cb0a0cba82c11deef4f17d5283a570721a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0AA3 5 KB
1 KB 179ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t907486506520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 01:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 208ms
58ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1660616496517&sw=1600&sh=1200&at=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 66ms
65ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=1451509079.1660616496&jid=663817731&_u=YAhAAEAAAAAAAC~&z=1655915620

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 180ms
65ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=1451509079.1660616496&jid=663817731&_u=YAhAAEAAAAAAAC~&z=1655915620

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 417 KB
157 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63c8520eb549db1fe0d18ae74dd243b2442c3880b0219bd4635d4b8c9bb4eca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159917
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:39:55 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 0AA3 417 KB
156 KB 232ms
117ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63c8520eb549db1fe0d18ae74dd243b2442c3880b0219bd4635d4b8c9bb4eca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159917
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:39:55 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 172ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t767030813759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 01:05:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:36 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 170ms
56ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: c82c236f68101d046ca39f124a51791e9287b8f89bae3317c224cd30b5c52c13

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 00:02:11 GMT
server: nginx
etag: W/"62f98d03-1171"
content-type: application/json
access-control-allow-origin: https://1plus1.ua
expires: Thu, 18 Aug 2022 02:21:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 172ms
63ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 171ms
62ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 145 KB
43 KB 520ms
411ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1079456314554186&correlator=3357841042747514&eid=31068829%2C31068924%2C31064019&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie=ID%3D6714111e46a8c048-22c6634ff4cd00ac%3AT%3D1660616496%3ART%3D1660616496%3AS%3DALNI_MZZXZ7vfLuC9TTRbSrXeJmIoB0XhA&abxe=1&dt=1660616496848&lmt=1660616496&dlt=1660616495037&idt=1766&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1451509079.1660616496&ga_sid=1660616496&ga_hid=1339046466&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

16f60a886f27383f8a1fdf605efc175370161962920174e49a2f446b5af172bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44347
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 534E 6 KB
4 KB 315ms
61ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
expires: Wed, 16 Aug 2023 02:21:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022081101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 159ms
54ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022081101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

b5d59cabb74825156b2bb79c42dfa9f625e1ea9c99fc1d404acacb4f93314b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13585
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:35:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Aug 2023 10:40:23 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 187ms
58ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://1plus1.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 187ms
52ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 16 Aug 2022 02:21:37 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 239ms
49ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=42485168795

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
680 B 68ms
68ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 131432643e0165e0a7f83cb2265dd8205d737daebd1018baa23f8e9092c873dc

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 376

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 571 B
568 B 272ms
62ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2989d122b428032347ee59214588caa9b61ff760ead0a8d23637af3728222143

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Aug 2022 02:21:36 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 264

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 475ms
177ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 16 Aug 2022 02:21:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 431ms
134ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 16 Aug 2022 02:21:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 i Show response
ads.adnuntius.delivery/ 7 KB
2 KB 280ms
176ms XHR
application/json 2606:4700:3030::6815:5525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json&consentString=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc0702dec75bdeb8a67d19957304730cdd4aa53bd1a940ba00ba31b6256a624

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 322478a36d05c1885227d5495c459da9
x-adn-backend-server-id: hcc1ff82
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1235
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHhUDCYIoC8vPoaUYXXdB8RInSmP8K1XLFlcLj9FHD27Nm2m0s%2FckhGIXGGCBayFOW%2BDdKPod8V5mqqSHGaJ5kchI1IYhaOB4LIxvHUqe9kED04V2ir0FVPYDrTZL8RXwEB1rvKUNUtVN4Bg9gs4DUwI3snQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 73b6b2926a18f41f-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 613 B
1 KB 303ms
181ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

45fff35851d8c34ef6df7518b3b26356694076eb620c43396638fa12a1edb2aa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bef7ca43-f67a-45c9-b326-cf149db62de6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
1 KB 294ms
111ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=fd126008-f8f7-44f8-ae96-6dbd119e66af&l_pb_bid_id=5395b736632e549&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.2774825610470111
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff5784ee41f5d5fae982c0469b9f0029d45cb54e6bd99e9fbfe0ffe2fc5f5170

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 325
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 295ms
111ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e074499e-d771-4af3-8a4f-275875d3017c&l_pb_bid_id=5425a7c8a34541c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&slots=1&rand=0.05593253933240239
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87d710f5ddf668c92c4f3d3cc93c7fb8cfec48960b6c9b262d4bb7b378250787

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 313ms
129ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&gdpr=0&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dfae5311-ad11-430c-ba70-7fa72c003461&l_pb_bid_id=55242ba5287607d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.05998567026765533
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f19edd43c8291933b70acf5ce715590f9487488781287063bd91dcc8a23de399

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 293ms
110ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=99367a64-8543-49b1-b24b-ea3bfe84d83a&l_pb_bid_id=56f69bebee2f0d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&slots=1&rand=0.1912313932519547
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b243c676027af3bc0d693e59255412a4a2b5ff61bca542e2d23ed1cad8c971a8

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
524 B 305ms
102ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

059e09ab2a9506e7809a1d952f005532229db1c89b3fa6bbaaad4292aeddbddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:36 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 42
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 308ms
126ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=fd126008-f8f7-44f8-ae96-6dbd119e66af&l_pb_bid_id=61a6cd8360c601&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.791637892382673
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 45c8c61dee1fa623f68cb4e37cfc3d2859667d0e3472475e20f81cdb4114bbed

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 318ms
135ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e074499e-d771-4af3-8a4f-275875d3017c&l_pb_bid_id=626aa2c3e5092a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&slots=1&rand=0.09536062283903357
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 05cabacfb913494a2aa4a7456edde299adc54abe9e6228748feb849adce9185c

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 415ms
123ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dfae5311-ad11-430c-ba70-7fa72c003461&l_pb_bid_id=63677941562ccff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.4400534193963781
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6ace42c213508ccdc1bfd2ce43d508cf8691e6d7591fdd51fe8290ec2ef0dd75

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 424ms
132ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3a50f3c-c85a-46f9-8b84-2b684c202fd4%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=99367a64-8543-49b1-b24b-ea3bfe84d83a&l_pb_bid_id=64bf880f64a7164&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01333031834&slots=1&rand=0.6908790879308333
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d9d78d77ac22738553a7568e8588eaf77e1519d70004b7a3f175a21e8db9c84e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
250 B 82ms
82ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 16 Aug 2022 02:21:36 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 991 B
1 KB 188ms
62ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c74ec4606bd3cfca5f069daf66b9d7d5ce9656f0c9aec93bc66a4ee088c5485c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 991
X-Xss-Protection: 0

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 174 B
582 B 418ms
269ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fd126008-f8f7-44f8-ae96-6dbd119e66af%2Ce074499e-d771-4af3-8a4f-275875d3017c%2Cdfae5311-ad11-430c-ba70-7fa72c003461%2C99367a64-8543-49b1-b24b-ea3bfe84d83a%2Cfb62e6b7-e8a1-48cd-8b92-0afeb11a8cf8&nocache=1660616496913&gdpr=0&pubcid=e3a50f3c-c85a-46f9-8b84-2b684c202fd4&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-01293973108%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-01333031834%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-01333031834%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-01333031834%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 76074bb710aa7fad1e81b7b1bc210e4f5aa7469159da7f3888310e42e1548ee4

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://1plus1.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 88 KB
31 KB 234ms
117ms XHR
application/json 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f304834401b77a8e3f5458cd78e65052aafb28552a5a5f10f3c6fce8a4b995c3

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 63
content-length: 31363

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250...
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250...

427 B
837 B

51ms
51ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=e3a50f3c-c85a-46f9-8b84-2b684c202fd4
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 03d6145a857d86defd62c2424232241b5f126db974f1d17f4bd8b1a8e678260d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
expires: Tue, 16 Aug 2022 02:21:37 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 427
x-sid: AMS-746

Redirect headers

date: Tue, 16 Aug 2022 02:21:37 GMT
server: openresty
access-control-allow-origin: https://1plus1.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.3236481053714162&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=e3a50f3c-c85a-46f9-8b84-2b684c202fd4
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-746

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 216ms
49ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=58457533542

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 02:21:36 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0AA3 153 KB
53 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:17:35 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0AA3 367 KB
0 117ms
116ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:37 GMT
expires: Tue, 23 Aug 2022 02:21:37 GMT

GET
DATA 200
OK truncated
/ Frame 0AA3 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0AA3 8 KB
0 235ms
114ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:02:00 GMT
x-content-type-options: nosniff
age: 26377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:02:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0AA3 32 KB
0 172ms
54ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 27063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 18:50:34 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0AA3 22 KB
6 KB 78ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Tue, 16 Aug 2022 14:21:37 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0AA3 2 KB
1 KB 112ms
112ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t657938201750
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 657e07a55f961a681edb0af46650e3f9def875b0a521e2eafd07405be688ccbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 0AA3 54 KB
14 KB 78ms
78ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 12048eb039a836906a3a799018735711add81d651a6e111eafbda8e4951c1fa6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14661
expires: Tue, 16 Aug 2022 14:21:37 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 0AA3 33 KB
13 KB 80ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:19:20 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0AA3 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 180ms
70ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220811&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3e6b9fd59c73ad7242dd8173dfa89a97b23d59eb62624226c48e7245179964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11248
x-xss-protection: 0

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 81ms
80ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 35041
accept-ranges: bytes
x-1p1-cdn: HIT; Tue, 16 Aug 2022 01:15:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 82ms
81ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Tue, 16 Aug 2022 01:15:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0AA3 11 KB
6 KB 112ms
111ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: ee7295cc1684ca82dbf34fbae5c755d532036e40db4581d82e64016532294b25

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Aug 2022 02:21:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0AA3 0
0

GET fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0AA3 0
0

GET 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0AA3 0
0

GET 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0AA3 0
0

GET 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0AA3 0
0

GET e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0AA3 0
0

GET 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0AA3 0
0

GET f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0AA3 0
0

GET fpdata.js
gaua.hit.gemius.pl/ Frame 0AA3 0
0

GET lsget.html
ls.hit.gemius.pl/ Frame 00BD 0
0

POST redot.gif
gaua.hit.gemius.pl/_1660616497331/ Frame 0AA3 0
0

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0AA3 171 KB
26 KB 81ms
80ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:25 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0AA3 198 KB
69 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:16:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0AA3 106 KB
41 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbc354859fef7dae46a4e2bf46dd588a370af74891a423c519c8a7708b513f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41784
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 74ms
74ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 200 KB
33 KB 624ms
623ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1079456314554186&correlator=4454596864084204&eid=31068829%2C31068924%2C31064019&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C4079972484%2C3836652839%2C3439286118%2C2198103003&sfv=1-0-38&fsapi=false&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26strategy%3DG%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26strategy%3DG%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26strategy%3DG%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26strategy%3DG%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26strategy%3DG%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D6714111e46a8c048-22c6634ff4cd00ac%3AT%3D1660616496%3ART%3D1660616496%3AS%3DALNI_MZZXZ7vfLuC9TTRbSrXeJmIoB0XhA&abxe=1&dt=1660616497386&lmt=1660616497&dlt=1660616495037&idt=1766&adxs=299%2C983%2C315%2C983%2C80&adys=680%2C2368%2C4423%2C5030%2C1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1451509079.1660616496&ga_sid=1660616496&ga_hid=1339046466&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a9815a218a8880a5fd082882093e52ac35d40d9a773e854bdd069d8f7bbdd1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33315
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,5933081408
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138382859779
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 177ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 container.html Show response
c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B374 6 KB
3 KB 171ms
61ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
expires: Wed, 16 Aug 2023 02:21:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0AA3 898 B
2 KB 102ms
101ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1660616497501
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 5a748bf4e1de84386c5aef3cab3cf7acf1508b099a53dee9915f718a73321230

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0AA3 131 KB
48 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ed29ecb64c40cba3d32f44c6e17c3e985b9ea42d824bddcbedbd5a39792dc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49239
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0AA3 49 KB
20 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4777
date: Tue, 16 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 03:02:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CB1 13 KB
5 KB 165ms
54ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 13966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 22:28:51 GMT
expires: Tue, 15 Aug 2023 22:28:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FF06 783 B
534 B 175ms
63ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

807ff9f64aca022eca6aded14b0aa128abb57266e851445bfe60f9428665b320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KNE-H9VpcUCt1EibrfZNwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-KNE-H9VpcUCt1EibrfZNwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
expires: Tue, 16 Aug 2022 02:21:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame B374 4 KB
636 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 01:00:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E3D8 8 KB
893 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 01:01:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame E3D8 2 KB
902 B 154ms
90ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:21:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame E3D8 23 KB
9 KB 116ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:25:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame E3D8 3 KB
1 KB 115ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 02:08:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame E3D8 17 KB
7 KB 134ms
72ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:35:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3D8 140 KB
43 KB 176ms
67ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame E3D8 33 KB
13 KB 166ms
56ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 03:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 03:40:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame B374 19 KB
8 KB 139ms
80ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:30:10 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B374 205 B
229 B 160ms
55ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:31:57 GMT
x-content-type-options: nosniff
age: 2980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Aug 2023 01:31:57 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B374 604 B
628 B 161ms
55ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:06:13 GMT
x-content-type-options: nosniff
age: 4524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Aug 2023 01:06:13 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0AA3 108 KB
33 KB 80ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1660616497501
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:18:49 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0AA3 56 KB
9 KB 81ms
81ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1419227252994
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:21:37 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 0AA3 925 B
608 B 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d071426c6d2cbed63eeb1df70d8449cb0a0cba82c11deef4f17d5283a570721a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CB1 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:24:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 20:24:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42C0 143 B
163 B 162ms
53ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 01:39:13 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CAC7 1 KB
749 B 55ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:27:17 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 16:27:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FF06 0
0 88ms
88ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220811&jk=1079456314554186&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 0AA3 417 KB
156 KB 164ms
55ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63c8520eb549db1fe0d18ae74dd243b2442c3880b0219bd4635d4b8c9bb4eca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159917
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:39:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0AA3 5 KB
667 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1419227252994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:54:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:37 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CAC7 70 B
265 B 176ms
59ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBHNmRFBVNIJ_eXepNvSen4&google_cver=1&google_push=AehlK4D4sfWvuxQvi7to3cziyqQMZl7tfXWWFBtDDmaCJpCbAAwsitgOmBWfrRlkXH_JPEJhDOCCSD3TQEh4onAoKt-MzASn7udxEg
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAC7
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO9HEr4SnkoPeYr6QF1dh-k&google_cver=1&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6_PdyJJD0lDb74A

170 B
188 B

186ms
76ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6_PdyJJD0lDb74A

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4A3RSqGwE4F0M66OU9v6xB9TjUhuN_12u56jdaDlvH2KTtw-DyZi-Noh5VT9CX_IWaMtaRxGNUU3QBZcUB6_PdyJJD0lDb74A
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 4vZCV4J73sPf8ZqJDXIRtbxbia-IUqewknOSY7bvf-VzgtkiAS2ogg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAC7
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEIcZCJux_Putygb8xN5VY6A&google_cver=1&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_Zq...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIcZCJux_Putygb8xN5VY6A&google_cver=1&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3z...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OdNIYvLtQTe41ZoH7Ggj-g&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3...

170 B
188 B

97ms
76ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OdNIYvLtQTe41ZoH7Ggj-g&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_ZqZVkj-xIA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OdNIYvLtQTe41ZoH7Ggj-g&google_push=AehlK4BcZLx-yYioY0Bbd603AmWO5lYvfNTNb5ij5luKvFVPtjCN5Em9ir9y3G6lBSBl6sS0gWZwOFtPvpuNUL3znsA_ZqZVkj-xIA
date: Tue, 16 Aug 2022 02:21:38 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame CAC7 0
75 B 366ms
51ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELEEw-AGmxUoKpve_hcIwgs&google_cver=1&google_push=AehlK4Dbz6_ZkyKerf_A4CT8a4vAzRLr1A_eNBu4V-QYAG3OfwXIweZpaBgUvEOndHAPh73Tr3dB9poTChSZFVAuXtTixRxckVR5Lw
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAC7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGxDxc12Ew1c3mZe4kJQz4c&google_cver=1&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGxDxc12Ew1c3mZe4kJQz4c&google_cver=1&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aVlCYUxsRTJ1SHpkRndLcEVXWHMuV2RuSnc1RnU0V35B&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH1...

170 B
188 B

99ms
77ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aVlCYUxsRTJ1SHpkRndLcEVXWHMuV2RuSnc1RnU0V35B&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n0qwpI-dhYF7SyEVW7Wi9SRD9doCi0

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aVlCYUxsRTJ1SHpkRndLcEVXWHMuV2RuSnc1RnU0V35B&google_push=AehlK4DPjjey8nVPn7nox1MPPSx-9GIxisb-bOoorrBNOpRl_d9bOwLH13EoP-OlEAXhsq-w2n0qwpI-dhYF7SyEVW7Wi9SRD9doCi0
date: Tue, 16 Aug 2022 02:21:38 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame CAC7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOQxhdkIUNheaAaweVaP9wk&google_cver=1&google_push=AehlK4DBDR8R-oLeBNyu-2JMo4tztkgSuuiawVoFdeXPKmU-WfXL_dAuZEBUGYwZW2l1vyTM1ZS0dvHU0_V...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DBDR8R-oLeBNyu-2JMo4tztkgSuuiawVoFdeXPKmU-WfXL_dAuZEBUGYwZW2l1vyTM1ZS0dvHU0_VuZJZ5vFxoXmF7kofnckw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

57ms
57ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CAC7 23 B
172 B 377ms
108ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGPyVoVPMZsf5N2MFPgX3e8&google_cver=1&google_push=AehlK4DbPUAmShQAC5-96BzSu2rImbIZER0bkykgYeEQ91XzgbpPMCxUeEp278OIVLvk9rDc3d3b7JkDr24cgucgKyDp0Myq34Cvrg
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 16 Aug 2022 02:21:38 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CAC7 0
223 B 194ms
62ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHmJ0bWRAHgvOLiNXp8hZxoxLZrmjR6OkWTGXIa7bh5SsTryxNRtl0jdekROMUZNiUEL2QLPim

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CB1 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BnwD0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

70ms
70ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 16 Aug 2022 02:21:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C54 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 12:24:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C43C 0
0 92ms
91ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste8HRKR9wvYjIN0qfC9Yf-vgPrSpnpGSm7rDpqMwmiK7vCTfrztOoPl61xL_MWtn6CxHMMNRBPphlA9qopalGQ_TbXHt2_hX3ySndHYtvAHzHdOR7qzcaXurWDWnobKOtoR9t2jS5MPMZ7AaByC3LFBPesKWUjI3DDfI9n1XY2LBowYPNbiuN8d__XiAtm-R1REl_gKLlGIP_3lXwjIBknZboZQJ9hp0_lCckkF8GWzFg4YnMPvtPLzSNgXHYj4TdkbM4fdh3jf8WG3PyH7fC6QWvFIDvGSy3j0Jmvn45ipTingCK7Yf9JqFs7QKrEEe7PuCBSKa2yt-6HnF9UecW2&sai=AMfl-YTFHTRveE2i_vfqUY6eZGXzHJRmbebM0i_5jcgm_-2MsDVTUe8IYwg8L-gbQtISpJYlItVy7ewGzE51dsLnmOnw8atL7fn9jkwY7S7IUPnT4LMA341R52K8-D-4YA&sig=Cg0ArKJSzBlliCCpwwHgEAE&uach_m=[UACH]&adurl=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame C43C 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 02:08:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C43C 140 KB
43 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
H3 200 16477273106259141800
tpc.googlesyndication.com/simgad/ Frame C43C 87 KB
87 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16477273106259141800

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c342cf44bda3d1aa3ffe18e68360b534b97a015eef7ce00cbd7ddf4ed265952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:16:07 GMT
x-content-type-options: nosniff
age: 414331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89441
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 20:25:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Aug 2023 07:16:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C43C 0
0 63ms
61ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1h8r_ERmWzzTdY0f3oleKsdODLYA94lrO9BiQgwKmwzBdUCKnkdKUkEKndLUQ2_Nb8SN0r7NjNXasB3tQyHPsPRBVTg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C3D 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
expires: Wed, 16 Aug 2023 02:21:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C12 6 KB
3 KB 54ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:37 GMT
expires: Wed, 16 Aug 2023 02:21:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C43C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfc54f34301ba9211903b66d11c74eba9ef94ef42c48e9bea5f688e706b569f3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0AA3 153 KB
53 KB 80ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:17:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2C3D 702 B
372 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Slabo+27px:400&lang=uk

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

547acc9e82421e913029cc4fb4e65cf7273c615813c18e504b4ac7847b00658a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 02:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 02:21:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 2C3D 34 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b493e2e2fc6205daea36c1339205681e5cbaf2c816401d9d52baf9c30e19c17b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14050
x-xss-protection: 0
server: cafe
etag: 7129214490944754455
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 02:15:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2C3D 22 KB
7 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 11:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 11:21:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C3D 140 KB
43 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame 2C3D 23 KB
9 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:25:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 2C3D 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 02:08:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 2C3D 17 KB
7 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:35:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C3D 0
0 62ms
62ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb4WCLZaAGzUeielAYtBBzUUHfEdIvsAw0EAynbiNtin5S7AOtydYK2y379xT0HR23q3bW10q7QwVPNJghUkFOJE2_4g
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C43C 0
0 217ms
91ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDr_Yn3YTYAPkYjVA0Yy-h0Q_MybZgBMNhchkYfjoes1KkqZkUOgsJImLauRq42i7_1tsIoP-3gPMNqNwWreZZasC5PZ1Z0AQIscrhqSOrmPvOxnCYz4jU_vGAfyPY36rqM0VZE6CO9AHvco4xPpEPYRkXeSbrP4JTq3mt-JOlQEIaRtx3Yh-QtD3s_iXpHdIcluhL5leMIPMRdWPgPeVXaKcZMsZoVALbtxUNaweXAQAJ0M9BEmRIrqAcrK0Tix0J472PAHreCVqh1h9gJxnGMA7AjOowTwEMwK0kvN0pYQi6mwhdH0c3YmqTjuQvp1uWoKxP&sai=AMfl-YQXkDf1IL63iVrVB4bku2TnOfpf3ka4DkoQwNXJWXlOELT8hJIAlG0q2oNZrdJJx7QaTmVmJLYqFpG4Abyc6YyPARudV6ZPoAWytOeg7cImwZ8ElQRwJrlibEoAvA&sig=Cg0ArKJSzIVRg-ftyWQWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9C12 0
0 114ms
113ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6BlGMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTkAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1kt7wFcNKTIUOIYbovRLZqtBjrDplGbhfY550xjsBqsX2M-rFfkmOAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=Aht1LR9N_1w&uach_m=[UACH]&cid=CAQSOwCsnQUxiibX_ggbb6wn1GV2NBlOwANvmi8mKAbgnvmKsYGJkXw2DWwGLpzFpRROARLIX98Q2szmcfuQGAE
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9C12 0
0 182ms
63ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g9wxjsn5b4648sta2pjxsb65sg7h6g63ymdchgqtzhgjvk27rhcrg0643fjyn1yzzw5586vd1z34826tp15xj8yk8th8jvzae1vcyjn155bvvs6gbgw6b4m85j5jeka6sbc774pjwp103ww0eaymytgdjpnrjgrh1ab2t69dqrszfv00vp7mqr31q7hmewtkv1amjj686dwx5ybyrxy47jya7x83wyxr7rvrsr0fwjqwwq6zh6k6gq1tq6f2ktgqtn82c7822ckd87bx05f9jjxym656y3kfj8ht3her8k4qa5v5g0ex8e2wxse14wbnnd1md21z51a5xcy2p8hb8wtttm1tp9jgbv262j83y35f9mbft9n6cenbny5yc8ewb1cs0z4kt2zd5w4kj9m5xg&b=Yvr_MQAHqv4K4BihAAnmIqWfUW2eHp1o0IlkCg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame D816 2 KB
3 KB 192ms
76ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5511a978a9bbc089e50eb8de309f12fbb9e6e3d6f6585ddda716bec6c827694

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73b6b29abf6972b2-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 9C12 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 02:08:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E8C 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:27:17 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 16:27:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 9C12 17 KB
7 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:35:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9C12 0
0 63ms
61ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGElTNtmpKqB6TpTUrZP3e7nGtkURTYuyKitSlcb8cOrFccEDhpveVi7khmt_gFyzA2gpu5xj4PcC2o8TfmMhAh0qrgg
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9C12 22 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 11:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 11:21:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C12 140 KB
43 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
DATA 200
OK truncated
/ Frame 2C3D 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2C3D 0
0 101ms
100ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCQaMMf_6Yv_VHqGxgAeizKfYDMme0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6AB1bbS6gPIAQmpAierLxeVDLE-4AIAqAMByAMCqgToAU_QaHLXwupxPRyYnfMJZYNwP2DLNBE40dCuSilexJUZeHozoysy04X8xgNDuzCV8rF0hxRPmC-mU4YkcWYqfjG9ZXTt5Y0rn0cciDr3il0w52PJ6lElppvZO402yqpx_LcPweDiWObrfob6uzvt-IIDjSfSQa1D3SrBfOrnmfc5jnx-SnLgMkwpB_FmsF446fEoznYY2ijE3jZGl27ufTxwklYu4HSmX-HqvDRO0IZX9JE0AsSV58JSlNt1mp2kEj5tPtGx7WyMaJwBvpN5c4r-Ffdp6HCUjIFpjng21SpF0riU0nfXsUzgBAGABviK1bLx-6rBVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=eB78ifgxcjw&uach_m=[UACH]&cid=CAQSOwCsnQUxiibX_ggbb6wn1GV2NBlOwANvmi8mKAbgnvmKsYGJkXw2DWwGLpzFpRROARLIX98Q2szmcfuQGAE
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 lgn.php Show response
cat.nl.eu.criteo.com/delivery/ Frame 2C3D 43 B
348 B 269ms
52ms Fetch
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=wJ7PF25yGmFdfKrgKIqTGt-BcAsaeU8DycpdxhOZ01kU3vuYBVRYlsEVzGp4dH9bdIqca3HP7WqraUununnV10CeyBGke7j1CHgrlBkXnZn4a4lxVWAYv61vXbe5Vjidlbg0WSkIe-v8c3hj45kTTw5WLK1KQDyiKyEhdFC2nGxN--7lewOJ5yXmdc1O9gcAC3pevHI26iGmtmgY_wkgf414p49SW1E3uy29xTdxmuyVMckVUUiFCfMk2YP7E25LQC4W64XViGfdz642i2Uq5p6SqIHxvHuVK4P2WCEmVWIBfEeNZ_stHJtkLjL3kSlZsQp6JC_f8F_3s0O6udGtAuyoLbmBsuiUFCn-ZLFYKNNE_p1clYZNoN9QnYGou-XP9tSUDzsS_gpWUq4U7_HPPuMfk83axVglB8knoLSRjb0v1pLK&z=Yvr_MQAHqv8K4BihAAnmIuvLes6Bu2NCGYabrA

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3615469
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2C3D 0
0 272ms
63ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ksvjDZT0FwAAnYNiAgIAAABhiIzF9YsrK_AWAi0QMf_6YiUVpg6jj7IUNxzMABIDAQ&wp=Yvr_MQAHqv8K4BihAAnmIuvLes6Bu2NCGYabrA

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 264454
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2C3D 0
0 126ms
126ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CE6OoMf_6Yv_VHqGxgAeizKfYDMme0rFczfHi3YgBwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6AB1bbS6gPIAQmpAierLxeVDLE-4AIAqAMBqgToAU_QaHLXwupxPRyYnfMJZYNwP2DLNBE40dCuSilexJUZeHozoysy04X8xgNDuzCV8rF0hxRPmC-mU4YkcWYqfjG9ZXTt5Y0rn0cciDr3il0w52PJ6lElppvZO402yqpx_LcPweDiWObrfob6uzvt-IIDjSfSQa1D3SrBfOrnmfc5jnx-SnLgMkwpB_FmsF446fEoznYY2ijE3jZGl27ufTxwklYu4HSmX-HqvDRO0IZX9JE0AsSV58JSlNt1mp2kEj5tPtGx7WyMaJwBvpN5c4r-Ffdp6HCUjIFpjng21SpF0riU0nfXsUzgBAGABviK1bLx-6rBVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=Ig8U31AU0go&uach_m=[UACH]&cid=CAQSOwCsnQUxiibX_ggbb6wn1GV2NBlOwANvmi8mKAbgnvmKsYGJkXw2DWwGLpzFpRROARLIX98Q2szmcfuQGAE&vt=10
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C3D 44 KB
45 KB 395ms
269ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=15724&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_375758_a%26resmode%3Dsharp%26qlt%3D80%26w%3D600%26h%3D425%26v%3D1&ups=1&v=3&w=800&s=QsBn2ISIrRBFL60-LN4mj_6j

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9c7c7a2566206579c37d51ff0dcdccada9db6fbc903053184f7f40238bcc3663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1799
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 45318
expires: Tue, 16 Aug 2022 02:51:38 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0AA3 475 KB
476 KB 169ms
169ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
DATA 200
OK truncated
/ Frame 0AA3 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0AA3 26 KB
26 KB 189ms
77ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:02:00 GMT
x-content-type-options: nosniff
age: 26378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:02:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0AA3 44 KB
44 KB 169ms
57ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 27064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 18:50:34 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0AA3 22 KB
6 KB 77ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Tue, 16 Aug 2022 14:21:38 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0AA3 2 KB
1 KB 104ms
104ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t234526600539
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 0f88ae63128481eb45ee723fb36c422fcb8df2901050ac7e33987fc80cc89328

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3EE 143 B
163 B 62ms
62ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 01:39:13 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 98F8 1 KB
749 B 62ms
61ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 16:27:17 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 16:27:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2C3D 22 KB
7 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 11:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 11:21:40 GMT

GET
DATA 200
OK truncated
/ Frame 9C12 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7a68ee329242c21bb3d781ad909246ee7227ea093accc6f91862b077ea0b30d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9E8C 70 B
264 B 63ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBHNmRFBVNIJ_eXepNvSen4&google_cver=1&google_push=AehlK4Ds37_H1EmhUpeSTV2bX01fam0jvtlBVG1I8cU1rJnIGYTcB0In247Yb_2-oMeI-63aNcPMvCKsm9Lgj_jXO9qkL4KoJOTZ
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E8C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYp1JdnHN6kKE0iABEiZ74&google_cver=1&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmU...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmUSYE6ZJaDONaONV-_Mug&google_hm=Ax07d69UQCSRo9mXVR...

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmUSYE6ZJaDONaONV-_Mug&google_hm=Ax07d69UQCSRo9mXVRjediw

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DtfLqVf_6QyEjXDTF_4HXPh865mLmaoeScZq7-bLhJWJY_G14pdFD2x8ftZncck-F2Wx3cNC0mWmUSYE6ZJaDONaONV-_Mug&google_hm=Ax07d69UQCSRo9mXVRjediw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E8C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnD...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A&google_hm=2_U06uTRRwy1_leSjjzTYQ==

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A&google_hm=2_U06uTRRwy1_leSjjzTYQ==

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A_pPHf5hFGn7Onu5PgoGeptFx15ZeAH8tbg2KKWJcKlPE8uJG7PEIDvv8XQyKybN7dCqAg_5u3rBPjnDpJ3mgQHLqK9T6E0A&google_hm=2_U06uTRRwy1_leSjjzTYQ==
Date: Tue, 16 Aug 2022 02:21:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E8C 0
12 B 68ms
61ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL_7VwL33vq1rT9MqdiGZmCxFD7UPPgVaCGMWVEU7-eQ

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 0AA3 54 KB
14 KB 82ms
82ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 12048eb039a836906a3a799018735711add81d651a6e111eafbda8e4951c1fa6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14661
expires: Tue, 16 Aug 2022 14:21:38 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 0AA3 33 KB
13 KB 84ms
84ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 02:21:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 15 Sep 2022 02:19:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0AA3 375 KB
125 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee00fad2265577bc5be56bc69c1e8c1071a4b201a5b9bd523c7204a54c31a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127726
x-xss-protection: 0
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
DATA 200
OK truncated
/ Frame 2C3D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cedb85b6d519df852b315f5696525e3f1721741b2f385692d88b007c54ac3899

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 88ms
87ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x461282/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Tue, 16 Aug 2022 02:21:38 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3EE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
79ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 16 Aug 2022 02:21:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 98F8 70 B
264 B 57ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBHNmRFBVNIJ_eXepNvSen4&google_cver=1&google_push=AehlK4Buxvb16xUauNIBCY6y2jw6q2Bk0vxirMO67pgW4byk81DDAIe3mELey0BEsMejoE0VQZhueLRVxoSzlmugsuIhilVvbBU
Requested by: Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98F8
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYp1JdnHN6kKE0iABEiZ74&google_cver=1&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDS...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDSkrCjLf0oe29Ct6g&google_hm=yh4BCtLvSfCaNW0n5avGbSw

170 B
188 B

66ms
66ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDSkrCjLf0oe29Ct6g&google_hm=yh4BCtLvSfCaNW0n5avGbSw

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BaEOLGDTq7czGJkNxXU3uCJEM5tSlxFM-KuwVroyNsrzQfT7DTcTsSq7xmS-5e83FQDYAgZveAuDSkrCjLf0oe29Ct6g&google_hm=yh4BCtLvSfCaNW0n5avGbSw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98F8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF-6rCpYMQssXCp0DEQyZqo&google_cver=1&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vK...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg&google_hm=42IFOW2bTvmT_mJFpFUiMQ==

170 B
188 B

66ms
65ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg&google_hm=42IFOW2bTvmT_mJFpFUiMQ==

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg&google_hm=42IFOW2bTvmT_mJFpFUiMQ==
Date: Tue, 16 Aug 2022 02:21:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 98F8 0
12 B 63ms
62ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1GSjheCLIAUenvzkhTvw4w7uL88JnhTqc0utQ1j2Bsg

Requested by

Host: c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
URL: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0AA3 77 KB
78 KB 1401ms
1399ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 79302
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0AA3 10 KB
10 KB 1402ms
1400ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Fri, 27 Oct 2017 06:57:22 GMT
server: nginx
etag: "0d77b2184841ac8a117fae5b4a32808f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9804
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0AA3 9 KB
9 KB 1401ms
1399ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/172/200x335.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Fri, 27 Oct 2017 06:55:21 GMT
server: nginx
etag: "0f22fa88b853950fb893bc821641989a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0AA3 21 KB
22 KB 1400ms
1398ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Mon, 04 Jan 2021 09:14:05 GMT
server: nginx
etag: "327c4784d853ead9eb1f0309f353b8d9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21916
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0AA3 73 KB
73 KB 1401ms
1399ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 74890
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0AA3 82 KB
83 KB 1957ms
1955ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 84258
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0AA3 91 KB
91 KB 1479ms
1477ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93213
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0AA3 84 KB
84 KB 2038ms
2036ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85922
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 16 Aug 2022 02:21:38 GMT
expires: Tue, 23 Aug 2022 02:21:38 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame D816 84 KB
11 KB 101ms
53ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 919432
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 05 Aug 2022 10:57:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 73b6b29b8a7a7308-LHR
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame D816 36 KB
13 KB 65ms
57ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=ts3WBg==, md5=GiVSVFozAzGcRbGa3f2JRw==
date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55077
x-guploader-uploadid: ADPycdvkWzF-A52wpXMLivHjzdPyFtvKfE2H9_WWeClOGkqTIA70pDY-USN8OIqbYGryCye7GIddEsur-7sHvtfRBxAugA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV0q9Ft2GODdry1yqXwqHn5xP%2FlmjaGP0IgUzn0eJTzCf6REwaIX0aNfbqjevMe8JIJd7j8qVJ9Nb24hAebkaV0uxXav%2BqfAwhcIt%2F0ceE8EIN24uA22skv6oebfEcs9mlaIuF0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1658918375991597
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12021
cf-ray: 73b6b29b4fab72b2-LHR
expires: Mon, 15 Aug 2022 11:03:40 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 0AA3 281 B
353 B 80ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 98d0efb40f4752c638f9b559454abcf62ab864a1409911f96fa06e007283fdb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Thu, 15 Sep 2022 02:21:38 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 5978 5 KB
3 KB 77ms
77ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 39c304359e87866845a2f5eb25583249a5e95370d60a7bec5e0f874a4613981a

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:38 GMT
etag: PRIVATE7520710249
expires: Thu, 15 Sep 2022 02:21:38 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 bridge3.525.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame B7DA 636 KB
206 KB 165ms
56ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.525.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7334b0214e5ba95603856bc1c5135143f1954893ea7d459c1841ebc7185f09c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 430445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210434
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:47:33 GMT
expires: Fri, 11 Aug 2023 02:47:33 GMT
last-modified: Thu, 11 Aug 2022 01:58:48 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0AA3 44 KB
17 KB 179ms
64ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Aug 2022 02:21:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0AA3 107 B
122 B 64ms
63ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220811&jk=1079456314554186&bg=!a2ilaCzNAAa4hXTbmIU7ACkAdvg8WqmhN5y4sbGjGeN6pQZHMR0on2B6PokHfD8tMfUplzWKzIkDHgIAAACdUgAAAARoAQcKAPQuRnYexTHHt1gxNC4xuTB-J4Rw8h5a9x0_zeO5JzSOFpGODQUAAd-L5CDtJgzB6VATaPG_9tpUn33MRI60595ZbrdpnfxHfUnDs4Kw121D8MlpEU8va-niZJoG2SeOCUYuh7NN78qYr4eF8PIQDBslxXwE6daxluXbHB2k7h5Nv95i15SxSh4Hl4P8thId-WloYeoeyYwGrcxraxvLRau7_YWcAdtsQD9y52G-Slld2JkwZJ3CPUkzAvoXbRa7yas_OAc-EjSdvb3b-_ihGPXdWch9coEoaSeyLca46mHd4tk68hqFOgIwfA5LjTuBqXdvkRg9mQKdEsWRCZkRyAhfpEXIhY2BN7Be1bQdZQRugk8iycbxAiIKM75cgbymAWMRaa2o8Ac2p0wY1MOplVuFVoA6qz6oxD0_uFoyGljcjPOBYY0KFcYDEOgJWIJm5bmKLeQ-rBo2S5gXJ2jjK7l9vj-c21u0ueXU8YsKdg6Hyt59e6rASsJIV7vvzhC9DGl70mn8fbsxYuLsJliRa2YgOPpuw502oefTgKlR-rW7zWEUVZqCyHpIvvqoGzYLY3aRqpbJH_eHmQMCYSmBosRsI8BOsZw5BgUjWjCvoEIGJWT63CoY22BFAJqq9i1m6x_WXqdc8e1H3fKE9sgdo-FEUoWLh7hG6wq8BkzkdbHtSKWPNnt2KKgh7BpRKWAIvUX4IFHQdVJwe3f3se9tdyrYBo-ZrCHXkZbUIvpAOSzSwQmeJMyOPEmaLeuiQZBSWymbbF35O7JtXOVuDl8WVoSH4pzy4ZGr6dKtFWrZCs9FAMhWaI_DKUjRxaZWJu5pxT4w9Ii5MFPIzAjObXPaLnqvnLdaZSHnnK5zCsQsTuB2Oxou-IzHcQGJzwlQ4PEEi-nstKiVllJ3FeNF09eWF6ZGYknq340ayjP8TEM7ZHSJALlFZpOioNXy9kkcEJbuepDl_loIWEoxOIuWSkM2vCNHEy9ioSoHeI_pgxXxeH0OPGLAqm5iPJNP5LtoR1KEpMOPv8DIjcfaiwt1-_mYWXOtQyAMKHyxAoYt3SYEWNOL1dk91UGy4GrHyNFB81KwRxdtJbzBVc9b3VQ5FfoXrXMYem9pb4MGZtEsK3Ab75zygVyq9ZMpNeiPQh8_NbP5IpLdpTEJ9D_TIM-VMAfUjyaqh3E1N7hpPK8Ss0ABEE7i_7Ev1jt6KSqHcMSQmQYrgKtuOwiO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D816 3 KB
4 KB 165ms
49ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25354628
x-guploader-uploadid: ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcRlr9Yz0TQlEqzfzPicZju9a4FzCn6K%2F0FPc36aHR%2FhCv%2BdjXO6Nk2ESi6E2tezbOeZ2TMoSsl2bNaAROo6AFSQhzAEIrf2JUkkbw4pTiIsq5y0g4OgSu0q7QA025EZQQN3UcAriVXDpAP40rtEMGAf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 73b6b29cfe5c76ab-LHR
expires: Wed, 26 Oct 2022 15:24:30 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 69B0 2 KB
2 KB 53ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1276553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 73b6b29c3b327308-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 16 Aug 2022 02:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 16 Aug 2022 03:21:38 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyMFDfYllcswssxcfCXZIgm8C3r%2BtBYZKKbZBm6YqlApmdzRwAXkxisAf9Wy9%2FzRFUEmWQACr8D5O0RonK34akrVDPTlDqGTUarB28CT3Q%2BK1UyOdwt%2BLhWy0%2BqPEPzYHlEYng0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtPTOxIy8eph3J0dOlqncYRYvyHE33xMwmzBvRZSIV8hC_HVa0oDeW2ie_7JQOxjXeYtyDcUJJOBx1kA_9lxbDZ3mo7yQ

POST
H3 200 rs Show response
ad4m.at/ Frame D816 1 KB
2 KB 83ms
82ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f19a81e0193baed876619656d0c3867e85af4a1fa292969fd3928c37af4acedd

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 73b6b29d6d9f74bd-LHR
date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzfZYCv8sI%2FsO8go3JeGEr5U%2FSyQmZ0rChvRZMf8Z%2FRpqpjFOT9dszkk4rgwLja1VSbt5aEOBOpy%2FYKww0J6MwSMzwi1bxVoT4yeYCzRtTb7l7dM%2BgewNGJskO2T%2F%2FTvVMkgrhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 110ms
61ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73b6b29cfd4474bd-LHR
content-length: 24
content-type: text/plain
date: Tue, 16 Aug 2022 02:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v022kOxEJdL%2BP63jkn5FcF%2FLY%2F3OX8DiintaNkiu%2Fq%2BK%2FaGoCT%2By7q6xdt4LQi5Ed6asbxi4TTVgBF0XZgjJW7rjRP7IlWSQhmA%2BgEYwA%2Fc%2BTfkkvjgqGlhzO7cLFyIrs8fDPKQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1660616498646/ Frame 0AA3 2 B
200 B 77ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1660616498646/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1660616499141%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&inner=_ver%3D328&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fautoplay%3D0%26l%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=qefb40NHPsP486KkOTnmMxZmsoWqFO96IiAlWmeP1iT.u7CKlGIzj0n298iUSEEk_0n7DguicLMiWJNTcH0mcd_cm4si/KQFm9ZPqo3_wL/&ltime=131&fpdata=q03aOOOhmbN9uGVLzR0AG76aC7fA89hDC68oV1ATNCz.67&fpcap=&fpsec=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Mon, 15 Aug 2022 02:21:38 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame EC65 11 KB
5 KB 74ms
73ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5eae5065557a71ee9ca42b6254571d78f4f6543267d86a024f811ecdb3de26

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jpq0rctmt21sfjngmr1ens49ehe4z4at5v0mteg5egdpw2a92qm68hn7gje1m2jmbms4e7txceqhrv9p34f7nr87fjavvh53qn2dw0emxs142q7jmnkcn114sp0bb7t08padh2kbe2e81p21cb1fp1z1cpnradyedg35vcgw1jyxmr9fjtq8n8gsgh0274p5p1wnysm64305ap0d0d4qd9chkrx38cc2e2a8nvmdfc2bp7shtda1ctwr1wc1kk9tyvhg81cmtdsf15r5w78yrf3sqwm8an7x84m1b4tvnmpaja6xc75sn27z9ftzvv9k2m64x2rxbtzh5m8638mktpa6bffhgpj2r9328sskwz5885bqkfxr5xt05kv3tqrmdkvgmy57sgvh90bmztbpdbdr3k6s8t008&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%26client%3Dca-pub-9138247653754533%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73b6b29dece77308-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 191ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:39 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Aug 2022 02:21:39 GMT

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame B7DA 750 B
1 KB 107ms
107ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 56bb7a6eac934a6e765adaecd70d164730a7bd811aaad98e63e4a7f0b4f06bb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame EC65 84 KB
11 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 919432
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 05 Aug 2022 10:57:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 73b6b29e6d4d7308-LHR
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame EC65 8 KB
9 KB 116ms
101ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457752
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdv1wnioSURUDho18aQNfrJ9kBhEtuztHTxMvk1lNJNnJfcM-uji-FkD-4dTuZtUYSrOKdo-4V-KHESLPgtvOOEDNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks8Ji%2F5%2B4vXBaCrigVxbPSVhRKmbMxlAJJup2sSDRdHwiT1WHCjs8IEsNBym9TSu2kWavMzjtUsAev3YgLfQJ5RNWdMzffhtZEUu1KGU1KoBNx3kobSrgMegbABylP7ESNYAc6T4QdR1MoSx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 73b6b29e794f72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame EC65 43 KB
44 KB 114ms
102ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=zQoZgw==, md5=7W97OxsEzV94zzVL4JyYGw==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466401
cf-polished: qual=85, origFmt=jpeg, origSize=72345
x-guploader-uploadid: ADPycdubKcd9WlbVONHXaz_v21bPMlxj27tZzdiP3ub4DlfotmYG6g-NtUHS4fHNt11RMBmGvDXLDDp2bC3EZfMcua0VLw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTayDix1xFKUuN40M978Jn9Inv7unlIU5vxvru7s1uTjSWPPoDnuox00wsG5G%2F3EBjqh1YPQqVU7x51uQpytZA3Nbn5zL8UUwQk8ApjqyKlvdQew3rCLkDkwEOQAkyw0p1ypN09Sr8OfUvVj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1655199684180445
content-type: image/webp
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 72345
accept-ranges: bytes
cf-ray: 73b6b29e794d72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame EC65
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLeQpcSmyvkCFZHwuwgdq_cEEg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660616499_2904eae0-1d0a-11ed-a34d-22350b028903

0
518 B

212ms
60ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660616499_2904eae0-1d0a-11ed-a34d-22350b028903
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 02:21:38 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 16 Aug 2022 02:21:39 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1660616499_2904eae0-1d0a-11ed-a34d-22350b028903
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame EC65 38 KB
38 KB 113ms
102ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 469016
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdsuNxfg9HM8a1kD01lF9raioMWnwjxVzRbDIj8-sucitQsSOYA_njz-GCI9X-o7lfahvy62ZUninrSU6LnRi5Hiyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scfvucmO8QVaw0T671%2FUdHsMk3i7%2FF0zqLxOe35zxCRMcWuuexGjdr0ZjAql93nALdmT0IS6Y0LRRRfxEP%2BLX7nTwzPHNGqMRbjnQBdBoC%2BE1IUZXJyxa%2FWVwJ3gH%2BoaT4%2BV5uaZNyl4JAKO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 73b6b29e794a72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame EC65 84 KB
84 KB 114ms
103ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1782009
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdusqPbP08HyPZglqU1h0LHxxLxaVZ4eSQ8L-HDrMWBqwdmIeQPfXvT95EjfDxTUqj_zV7nOd1YGq057l8mBykc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRVr1fJ%2Fu%2FosHNmXm2S5kp63Sp5o4Abk%2F%2Fq7hVAsFzN6qcYKWTn9oL8zSh5CSQQtdHGWuOUA%2BXcUliUUCWAzkWXbNdNaKiP%2BApznvixDPAvcL0VOGvq%2Bep9nXSO9759GDKCH6GbFKkuvwHsx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 73b6b29e794b72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame EC65 16 KB
16 KB 67ms
57ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 469370
cf-polished: origFmt=png, origSize=39979
x-guploader-uploadid: ADPycdt8ybmWdTr7xJ0PFvmq-VQdAr6NkOl4Hrxx2l1ZiVASgwSscV9LgnwXuuscdQY6oobTBkssQVjedh9IHFBzFWJKtUQcHplH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ardncJu4zBsMDp5CtHtyJSChv4h8mbRrB%2Br37AzihjL6OX8%2B8K1PNk4pAmqGrh2dNwSSMxLFRs5wjjZqHtSp%2FJkR0CayUZ6WZ5YmHvJxp0z%2BGGe11pgjK%2BI9TnhZ4CfSA8WsxCRgO8tWtn3x"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698475785088
content-type: image/webp
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 39979
accept-ranges: bytes
cf-ray: 73b6b29e794e72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame EC65 222 KB
222 KB 67ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date: Tue, 16 Aug 2022 02:21:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457136
cf-polished: origFmt=png, origSize=342797
x-guploader-uploadid: ADPycdvOAH1wH0uopXISye1mkJr1JFYZBuN72mJzWShmSfa7kVYOXy3f2ZeupwOCjyQRxNdLU_OAhjDnCvXNIjTuRKuTmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRxOEkHqZr5xdkMb%2B0c8zUGFBlqc0z8OHDwMTwAT6%2FOAUZdN6u6RdW8oE711DQOOR2sT%2FPXiiOo8m8fV%2Fv7ZwKqa4jkfBA7uTbOzng%2FHH5UmkHZnvbawOpjsc3qM6KN9nxhhfeLokl%2F8rvbZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1655301671870263
content-type: image/webp
expires: Wed, 17 Aug 2022 02:21:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 342797
accept-ranges: bytes
cf-ray: 73b6b29e794c72b2-LHR
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame EC65
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=28e5ca20-1d0a-11ed-a34d-22350b028903&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
https://www.conrad.de/ztpv.php?awc=11354_412871_1660616499_28e5ca20-1d0a-11ed-a34d-22350b028903&insert=AW&&gdpr=0&gdpr_consent=

0
1 KB

171ms
65ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1660616499_28e5ca20-1d0a-11ed-a34d-22350b028903&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:39 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
age: 0
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=AxQoNlpfteoX.c7zqXzu8K2mUvOOttGysUOTHIAyHuU-1660616499-0-ATXlm9MOnNT78YcORkuCoLHpz_B_mB_DqA3gzyBlgsJS0uG2eqiUWNBZlkf4stLUTejQP1PjaoAD-7rC0rkv4Fo; report-to cf-csp-endpoint
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
server-timing: intid;desc=ab25de0ce79185cf
content-encoding: br
x-varnish: 400588554
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=AxQoNlpfteoX.c7zqXzu8K2mUvOOttGysUOTHIAyHuU-1660616499-0-ATXlm9MOnNT78YcORkuCoLHpz_B_mB_DqA3gzyBlgsJS0uG2eqiUWNBZlkf4stLUTejQP1PjaoAD-7rC0rkv4Fo"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 73b6b2a22ec3718c-LHR
expires: -1

Redirect headers

Date: Tue, 16 Aug 2022 02:21:39 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1660616499_28e5ca20-1d0a-11ed-a34d-22350b028903&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame EC65 2 KB
2 KB 415ms
288ms Script
text/html 18.133.111.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8jfsvpm9drc3w4pw7xsda2agna70j7ge7smbmachxkwnccacmr12zrb9zx8wg7zyzf0e3v2xbj5b7zz57v2q9b0ec0se0cq2nmmrebzt39kpgqc9nr4g5crdw1n4v7v3x199rp2x9akhyxsadcnv5nxj0pgv82r2wa9syh56vrm9ej4nkd3e2p81rvpcxdnjsfv2n176ef2zhc8q5sf8dxd54h3ghezq3f15awffn37d52n40e5d7a36dqqxn83w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.111.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-111-12.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2cc036c2682a191b5c496cc2556a5a5dd35b3d353ef1c4c53fabbae483ec5588

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:39 GMT
last-modified: Tue, 16 Aug 2022 02:21:39 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 16 Aug 2022 02:22:39 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8317 15 KB
6 KB 186ms
62ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 02:21:39 GMT
server-processing-duration-in-ticks: 1954
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 167ms
59ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 02:21:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Aug 2022 02:21:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C43C 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRGqnIwXGe-Gx_KkteHsjPLbul8nyfxE1jYzCoj4ZbceZVS9z7a_cKE4I6LLKKnJ98wMdZg8kk9pB-PzP1NbALKC8x4egrsGHCTRnTatusV_av8lHKAahLlmDpasLtJ8wx7AgU52yQthLAMYd79MHkiXKIRE-5rnxuqqAujoyQg9PuH-96ES4otRbMyEqjL_Qc8odWmvVhWnu-mcxG0WaP7DDjH0KouqSoQKpm3t9Ken-Ko18pO8Y1WYhcvSu1UdCXb97V6Z797_8V9o1HgOFd4i_wG-pacZBoXA2OgWqR5eG0_XEp2Fn04d8uJLumyHq_NOQyAoYj35_u&sai=AMfl-YT3l73jfmfSHkOfIYEJywdSR1h3VwqFjkWjd0OPVwTfP8jsPLDBTL5y62TqVDu5r2kwxVrh0aoje8wbWXu5Rq5_DCN7UWiMSnuGrSeBulw48KVXq-Nq6NAP7DGsOA&sig=Cg0ArKJSzGTA4XuJZm7bEAE&id=lidar2&mcvt=1000&p=1020,230,1200,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2198103003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660616498084&rpt=113&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C12 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNA1JqEdRNeYdZi3XndBwbYE1TVC_zSV8OJZ9GrrxdFk-xTeQ6VNRl-lSsWdSiFggpohMQhjPjPlWB_HJRkXLa9am_&sig=Cg0ArKJSzItePgzOqTv-EAE&cid=CAASF-RoFFI-D6G6rLxLQ1DKzLeXKXMxnMO8&id=lidar2&mcvt=1000&p=680,299,930,599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695559250&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660616498125&rpt=216&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8317
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Zmay6HxleGpjQjlTSG5PS2ZwS0lkUlE2ZHIwZTRqeWRVemRMeDlqcTU2WCtTOElabFBGaVF3b1VKUlpBYlBhTmE1c0VxNHFESm1qR0NJZTlLK3UyS0dNbG5ZQUZid081eXhNSnNUQ1V1anZlb0IrSzF1UWZ3dTNOOFZhOG...

433 B
631 B

189ms
52ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Zmay6HxleGpjQjlTSG5PS2ZwS0lkUlE2ZHIwZTRqeWRVemRMeDlqcTU2WCtTOElabFBGaVF3b1VKUlpBYlBhTmE1c0VxNHFESm1qR0NJZTlLK3UyS0dNbG5ZQUZid081eXhNSnNUQ1V1anZlb0IrSzF1UWZ3dTNOOFZhOG9nSHVIamlEa3ZXYVhzaTNoOHRXTEVBMCt0LzU1TmMxVXhkYmtjWmdHNkplNXlOUEJHNXZwN2swMTdMRTVvMGVDamdZdlZQdkRUMDlwb0FHZ1NYaDZOdXdxTksxTGhvMGFkSW5TaytNQnUvSm1JVXVxTFRRSzJZNVJOTVEyQWYrWVR3SnBSYWJwMXkrYVVDU3lYWjZqajFMZWFCQ3MrUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

45fedc8f5c69e9cc52e3d87f0f394eab393bcc04687e4565932670363254d212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7085
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:38 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Zmay6HxleGpjQjlTSG5PS2ZwS0lkUlE2ZHIwZTRqeWRVemRMeDlqcTU2WCtTOElabFBGaVF3b1VKUlpBYlBhTmE1c0VxNHFESm1qR0NJZTlLK3UyS0dNbG5ZQUZid081eXhNSnNUQ1V1anZlb0IrSzF1UWZ3dTNOOFZhOG9nSHVIamlEa3ZXYVhzaTNoOHRXTEVBMCt0LzU1TmMxVXhkYmtjWmdHNkplNXlOUEJHNXZwN2swMTdMRTVvMGVDamdZdlZQdkRUMDlwb0FHZ1NYaDZOdXdxTksxTGhvMGFkSW5TaytNQnUvSm1JVXVxTFRRSzJZNVJOTVEyQWYrWVR3SnBSYWJwMXkrYVVDU3lYWjZqajFMZWFCQ3MrUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1421
content-length: 541
expires: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EC65 51 KB
51 KB 225ms
65ms Script
application/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8jfsvpm9drc3w4pw7xsda2agna70j7ge7smbmachxkwnccacmr12zrb9zx8wg7zyzf0e3v2xbj5b7zz57v2q9b0ec0se0cq2nmmrebzt39kpgqc9nr4g5crdw1n4v7v3x199rp2x9akhyxsadcnv5nxj0pgv82r2wa9syh56vrm9ej4nkd3e2p81rvpcxdnjsfv2n176ef2zhc8q5sf8dxd54h3ghezq3f15awffn37d52n40e5d7a36dqqxn83w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 13:31:25 GMT
server: AmazonS3
age: 67013
etag: "8e0f444d427a5cc08c98fd04087e9847"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 15 Aug 2022 07:44:47 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 52117
x-amz-cf-id: G5oSc0iBMqdxe7Bel3hsCpF3uAZqSbeJclrSmj8ehuQ778rZhp7BJQ==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame EC65 85 KB
85 KB 189ms
64ms Image
image/png 18.66.139.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1660616799&Signature=a9p8HODhcWgFU8mOX3abyhLvvGFRzNNMTI3r-~Qrobr0xLvNmynziEQRnFkXNrcGKI68WOIKzo-axEuDDZ4ovSjzG9cKM1O5j6Ebq7jyLSXrpIeuCFlq1SdhJa2jn~t96-HpsZhL9BV~EWJyS5fvSoZG5XFISedqbyg2Q8tO21AgkDGzjYKQAtWOC7c307FbnSGmrV3f4rqsbv-7t8Qr61KhoAu8h-QvsbhFHGjN0~4Zb9V9C6M-4lWUEdqYwbtZu1FVf4eabmiDON-5cPyl2o1MksvFUJwBmj~saaxOOQpQp3bEUtJCO5BuyeaZHwOMK1l03iftY3JQ0zckwCXrsA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=a2e3c3a4cd7ec8a80151cbd2bdaf6f68%2F5127987868298825557&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1660616498811&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7pm4n6aknyf46tfmghqmnpbybyvcq98kynj1tcv8gj6ckkc44na3qvcg2kascf7ynd3n4cjq02w69p9d23x26wshdm5gchp3pwnn04k6bvfcdvpt211kvbkrxkh5py8ekf7x7a77gganjz490b5e8tra0grgwqqqxct8wp9h2g52t4mrzvbsyrrq48bvxcm5xk8cmewyqhkstfq5sxc14ser6nyk186vg2bcb32pst961x8a2jzyk1cjte21scbkrwnwgvyngt8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGJImMf_6Yv7VHqGxgAeizKfYDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTEzODI0NzY1Mzc1NDUzM6ABwq7o3QPIAQmpAierLxeVDLE-4AIAqAMBqgTnAU_Q-awj9pOw75K8Wi6bdktPnFaRfL4DMg5vz7vYK8oOEjQZcM2eczUzqK5FtOcABQRR0DaOefhPerk8R1r_Q8hRA_YZ1xl5CgioiMdwpRY0L_mIdov1sfvRC_S_4HkJTyjZyCUEIPiG1qiIHaXg6qvpE7cTTxBjMZZ2FjmV81wReBv7Gn8cUMDz_zFtrpfSDBY4legEn0Z5h_Z38y3Cqb7v9-NO5W9BY01qFavZu7dn0K_4tQMxcdVG5Dx5b1lv7SDO411PECqfJh0LZAhfPy7JC1u1nSu5JQXxSI6yc3vrcMikUIo5VuAEAYAG8bq-wcyDn7X8AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bHM4yyd5pS3PlUdDrVm25QvEERg%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
age: 48656
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Mon, 15 Aug 2022 12:50:44 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: oggdiHC2VW7dz_MTnDMSrZyh9eNxnV3ipL1p68fwqcv7dKpg1CksDw==

GET
H2 400 / Show response
graph.facebook.com/v2.2/ 202 B
604 B 199ms
77ms XHR
application/json 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

490dd9ddf55f4316cab45b0f87f2fb739a1657d39b8c84f92c693fa193a6925a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1006031579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: QFHtz4phYhl2EFOFhVWWjAy2+e1vQ8nImFMfDw5pFMZZCivzdVOVYkC7O18U6Yxbr23jQbsrBK+8rn1fdmVUKA==
x-fb-trace-id: HEvye/Gkywq
date: Tue, 16 Aug 2022 02:21:40 GMT
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: Atp4OF4eFLIPaYLa96OHH9y
cache-control: no-store
facebook-api-version: v8.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EC65 16 B
232 B 113ms
113ms Fetch
application/json 3.8.108.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-108-133.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Aug 2022 02:21:40 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 182ms
44ms Preflight 3.8.108.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-108-133.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 16 Aug 2022 02:21:40 GMT
server: nginx

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 162ms
55ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1plus1.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 16 Aug 2022 02:21:40 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 906
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=EWNMhXxucERmUGZFMlprYWJ6dmh2N0hrZDRQbTZHZ1dwNU9mT05hNmlsMXFKSVgrZ29CTWRYTlVSaTZQZmMyNDZNTnE4bUtWc1VEUVhJeDFPUDNZWnMyQ2tRTkc1NjBIOG8ybGNmdnV1U0ZOM2J1Y3dGQnFwNys0NW03bE...

406 B
662 B

51ms
50ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EWNMhXxucERmUGZFMlprYWJ6dmh2N0hrZDRQbTZHZ1dwNU9mT05hNmlsMXFKSVgrZ29CTWRYTlVSaTZQZmMyNDZNTnE4bUtWc1VEUVhJeDFPUDNZWnMyQ2tRTkc1NjBIOG8ybGNmdnV1U0ZOM2J1Y3dGQnFwNys0NW03bExUNTdqQS9jazBIOWtzTmVaVzQvd3RDMnFiRUhFZkxQMFQ0a1c5aDlhNllUTE1UaHRQbnZweXlYQVBLdWlLTEo5anZobVJvZ2t4bUIzMnkzY3BybzVPaVdBalVJWEFuTVM4aHZxWEhnSUU1c241SHRsNmI3REx5L2J6UkVhMXQxOWluVnhiK0NZZWwyaE9TOVkwMlhVQURLL2pON1dRQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d6ea0561bbb9cf46b9519c118f83a4445820cd7c98d92a34ffa810dbe0c53e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:40 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3532
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 02:21:39 GMT
location: https://mug.criteo.com/sid?cpp=EWNMhXxucERmUGZFMlprYWJ6dmh2N0hrZDRQbTZHZ1dwNU9mT05hNmlsMXFKSVgrZ29CTWRYTlVSaTZQZmMyNDZNTnE4bUtWc1VEUVhJeDFPUDNZWnMyQ2tRTkc1NjBIOG8ybGNmdnV1U0ZOM2J1Y3dGQnFwNys0NW03bExUNTdqQS9jazBIOWtzTmVaVzQvd3RDMnFiRUhFZkxQMFQ0a1c5aDlhNllUTE1UaHRQbnZweXlYQVBLdWlLTEo5anZobVJvZ2t4bUIzMnkzY3BybzVPaVdBalVJWEFuTVM4aHZxWEhnSUU1c241SHRsNmI3REx5L2J6UkVhMXQxOWluVnhiK0NZZWwyaE9TOVkwMlhVQURLL2pON1dRQT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1347
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
616 B 197ms
61ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19220/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

0a69c40ed5b3241c8df9a85c29b3164062e43c0b721e5ca2934965d1aede3397

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 16 Aug 2022 02:21:39 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 147ms
50ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 16 Aug 2022 02:21:40 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 2557
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 86ms
85ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 02:21:41 GMT
server: nginx/1.16.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 85ms
85ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=BDE9DB9575DD4145A4C8CCFC1B3777FC&time=1660616501190&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=705497297&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=2731&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 02:21:41 GMT
server: nginx/1.16.0
content-length: 36
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/172/200x335.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg

Domain: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video

Domain: ls.hit.gemius.pl
URL: https://ls.hit.gemius.pl/lsget.html

Domain: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/_1660616497331/redot.gif?l=107&vis=2&fpdata=-UNLOAD&lsdata=-UNLOAD&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1660616497809%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&inner=_ver%3D328&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fl%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1plus1.ua/	1969-12-31 23:59:59	Name: Value: store.test
.1plus1.video/	1970-01-20 14:52:56	Name: _opov_sid_ Value: m2hi8i063vb021pdoap7ngth9b
1plus1.ua/	1970-01-20 14:52:56	Name: _opov_hid_l Value: aa01ec81-bbbf-56cb-9dbc-cd9438d19a75
.1plus1.ua/	1970-01-20 14:52:56	Name: _opov_sid_ Value: m2hi8i063vb021pdoap7ngth9b
1plus1.ua/	1970-01-20 14:42:51	Name: _pk_id.2.1c86 Value: 9a2865db329a0183.1660616496.1.1660616496.1660616496.
1plus1.ua/	1970-01-20 05:16:58	Name: _pk_ses.2.1c86 Value: *
.1plus1.ua/	1970-01-20 14:45:44	Name: __gfp_64b Value: oEdgMO5BQ9A79fP9JFmgByQhd3W07y1YiGWi5TwoyOf.c7\|1660616496
.1plus1.ua/	1970-01-20 14:52:56	Name: _ga Value: GA1.2.1451509079.1660616496
.1plus1.ua/	1970-01-20 05:18:22	Name: _gid Value: GA1.2.1884303810.1660616496
.1plus1.ua/	1970-01-20 05:16:56	Name: _gat_UA-22507043-9 Value: 1
.1plus1.ua/	1970-01-20 05:16:56	Name: _gat_UA-113262294-1 Value: 1
a4p.adpartner.pro/	1970-01-20 06:43:20	Name: apuid Value: bb097895-9d49-4d58-97fc-d812cf2fc971
.1plus1.ua/	1970-01-20 14:02:32	Name: _hjSessionUser_1437498 Value: eyJpZCI6IjZjOTExZmRmLTU4MDItNTZhMC1hNTQ2LTA1N2IwZGU0ZDIzOSIsImNyZWF0ZWQiOjE2NjA2MTY0OTYzNDQsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 05:16:58	Name: _hjFirstSeen Value: 1
1plus1.ua/	1970-01-20 05:16:56	Name: _hjIncludedInSessionSample Value: 0
.1plus1.ua/	1970-01-20 05:16:58	Name: _hjSession_1437498 Value: eyJpZCI6IjlkZTlkNDQ4LTM0ZmUtNDMwNS1iNTNmLTAzMDg4ZWE3YmIyZiIsImNyZWF0ZWQiOjE2NjA2MTY0OTYzNzcsImluU2FtcGxlIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 05:16:58	Name: _hjAbsoluteSessionInProgress Value: 0
1plus1.ua/	1970-01-20 06:00:08	Name: _pbjs_userid_consent_data Value: 2024371239917068
.1plus1.ua/	1970-01-20 14:02:32	Name: _pubcid Value: e3a50f3c-c85a-46f9-8b84-2b684c202fd4
.adtelligent.com/	1970-01-20 06:46:13	Name: vmuid Value: 9f5f360b599052b1
.adtelligent.com/	1970-01-20 06:46:13	Name: a307558 Value: bb097895-9d49-4d58-97fc-d812cf2fc971
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.admixer.net/	1970-01-20 07:26:32	Name: am-uid Value: c678bcdfc412490ca2381fcc583a7d7c
.e-planning.net/	1970-01-20 14:52:56	Name: E Value: AHxSYm0iatSkIAs3
.prebid.a-mo.net/	1970-01-20 14:02:32	Name: __amc Value: 1_1660616497_1660616497
.ads.adnuntius.delivery/	1970-01-20 06:00:08	Name: usi Value: lws1!adnfp69433e3edb9316ec
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 70f3e7c57fdabafd68b09d38f529398a
.ads.adnuntius.delivery/	1970-01-20 05:29:32	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 05:29:32	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 05:29:32	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 05:29:32	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 05:29:32	Name: c Value: 0AAAAAQAA
.adnxs.com/	1970-01-20 07:26:32	Name: icu Value: ChgI4axaEAoYASABKAEwsf7rlwY4AUABSAEQsf7rlwYYAA..
.adnxs.com/	1970-01-20 07:26:32	Name: uuid2 Value: 240746961943242787
.openx.net/	1970-01-20 14:02:32	Name: i Value: e3a50f3c-c85a-46f9-8b84-2b684c202fd4\|1660616497
.rubiconproject.com/	1970-01-20 14:02:32	Name: khaos Value: L6VK6PUA-1S-8M4Y
.rubiconproject.com/	1970-01-20 14:02:32	Name: audit Value: 1\|hLZGFuTafB1J3mogsVeq1K2qEsFCZ0ctSdOhPT1GMTmBH6ymE720AMFHDyS0ldPLfr2w3YCIInLgcRgjl6EitdZeyV7KzLVX3OlDu/ORdD8=
.doubleclick.net/	1970-01-20 14:38:32	Name: IDE Value: AHWqTUl1xrq0iPcNr_B6lrmQWwcPJzmnquoJOFTWApoKdP8gwPcjEn6cJa8hu1xI_Ug
.1plus1.ua/	1970-01-20 14:38:32	Name: __gads Value: ID=6714111e46a8c048:T=1660616496:S=ALNI_MbYB74hy4T41yFJw2o93iQLCFBnsQ
1plus1.video/	1970-01-20 14:52:56	Name: _opov_hid_l Value: ed56eb01-2aa6-57c8-8470-071eaad348ed
.doubleclick.net/	1970-01-20 05:17:00	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 14:02:54	Name: A3 Value: d=AQABBDL_-mICEPfWamgJXzhFHochSk-tWAwFEgEBAQFQ_GIEYwAAAAAA_eMAAA&S=AQAAAk9DmHbKZ5DCAQwO0qk41qA
.360yield.com/	1970-01-20 07:26:32	Name: tuuid Value: 39d34862-f2ed-4137-b8d5-9a07ec6823fa
.360yield.com/	1970-01-20 07:26:32	Name: tuuid_lu Value: 1660616498
.analytics.yahoo.com/	1970-01-20 14:02:32	Name: IDSYNC Value: 18yx~26m2
.ctnsnet.com/	1970-01-20 14:02:32	Name: gid_CAESEDYp1JdnHN6kKE0iABEiZ74 Value: 1
.ctnsnet.com/	1970-01-20 14:02:32	Name: cid_031d3b77af54402491a3d9975518de76 Value: 1
.ctnsnet.com/	1970-01-20 14:02:32	Name: cid_ca1e010ad2ef49f09a356d27e5abc66d Value: 1
.bidswitch.net/	1970-01-20 14:02:32	Name: c Value: 1660616498
.bidswitch.net/	1970-01-20 14:02:32	Name: tuuid_lu Value: 1660616498
.1plus1.video/	1970-01-20 14:45:44	Name: __gfp_s_64b Value: q03aOOOhmbN9uGVLzR0AG76aC7fA89hDC68oV1ATNCz.67\|1660616498
.bidswitch.net/	1970-01-20 14:02:32	Name: tuuid Value: e3620539-6d9b-4ef9-93fe-6245a4552231
.bidswitch.net/	1970-01-20 05:16:56	Name: google_push Value: AehlK4A8vGM-h8cQnJ8EQPY5cnItaHJ-k0Mz_qL4maIl1o08W0VVqiQJ-JLlHdNmri_E8Lc5ZQ1jsx44DBk6vKU8PW9d5tdURjg
.hit.gemius.pl/	1970-01-20 14:45:44	Name: Gdyn Value: KlSHFMaGQMGGn_bJyaPbtT2issGMy1soL6nxmGBck1nLbvaiGsRP0QlGvGGpQF48SsL8RDcGFsCB07l8MG..
.awin1.com/	1970-01-20 05:21:15	Name: awpv11354 Value: 412871\|1660616499\|28e5ca20-1d0a-11ed-a34d-22350b028903
.awin1.com/	1970-01-20 05:27:01	Name: awpv11938 Value: 412871\|1660616499\|2904eae0-1d0a-11ed-a34d-22350b028903
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.criteo.com/	1970-01-20 14:38:32	Name: uid Value: 0c7ccaa2-2149-4b47-9845-dc9204768be0
.zenaps.com/	1970-01-20 05:21:15	Name: awpv11354 Value: 412871\|1660616499\|28e5ca20-1d0a-11ed-a34d-22350b028903
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 05:24:08	Name: HTLP_timestamp Value: 1660616499
www.conrad.de/	1970-01-20 05:24:08	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 05:16:58	Name: __cf_bm Value: 7yP1wzu9YDPD_DMOzlYZA.NFh_hzu_Xj0fwB4LUj4ZQ-1660616499-0-AUvTN+AZ3MyVJ9eEqJ2tVmZNdRIhhd8ak9O6P8PD8+xkwHpGXVJ/0+0SkfIppDBJv7n/TV7XYdtmInuXXPl2NKY=
.congstar.de/	1970-01-20 05:27:08	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1660616499_2904eae0-1d0a-11ed-a34d-22350b028903%22%2C%22sp%22%3A%22awin%22%7D
.1plus1.ua/	1970-01-20 14:38:32	Name: cto_bundle Value: RnHQ5183S0ZKVWNkcDVveGl2cSUyQmJJclo0TlhrcDFBa3hRQVpPWHc0cFNZNmtFSjU2S05VMWw5MGNvSzFwSTdoYkFObXhQYjhjWEE4TmVIRnJoM2FGT2d2cEtQeGJyYzRKJTJCaFRMYllQaEJJcXEwQ2piQ25ZY3ZCa3NnMml6STN6M1VMN2Q0bkJFUUFKRW1iUW5SRUxIcGlzOTF3JTNEJTNE
.1plus1.ua/	1970-01-20 14:38:32	Name: cto_bidid Value: 3JOHL190R2ZiZTZYNUZWUXJMQnJTRFZYZzdMYzhIJTJCT016OWlqcmV4dzFjVjR3dlBvJTJGd1JQZW5CTVBDQ0NRWXZJeDU2YTh0Y1I5anNPcEExVXpzV3YxZE9uZldFa01wckxKODlPMGZWeUo2bTh6JTJGdyUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1plus1.ua/(Line 2096) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.ua
1plus1.video
a4p.adpartner.pro
ad.doubleclick.net
ad4m.at
ads.adnuntius.delivery
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
analytics.webgains.io
api.1plus1.video
api.webgains.io
as.ad4m.at
assay.1plus1.ua
assets.ad4m.at
banner.congstar.de
bidder.criteo.com
c6f2ca2e0f170d385845c58227aca79e.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.admixer.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
connect.facebook.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
match.360yield.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pix.eu.criteo.net
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prod-rtb.ad4mat.net
rtb.nl.eu.criteo.com
s.ad.smaato.net
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
ssbsync.smartadserver.com
sslpagestat.mmi.bemobile.ua
static-de.ad4mat.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.pubwise.io
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
vars.hotjar.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
x.bidswitch.net
gaua.hit.gemius.pl
images.1plus1.video
imasdk.googleapis.com
ls.hit.gemius.pl
104.111.239.217
104.96.128.226
13.224.189.122
13.225.78.56
141.95.98.66
142.250.186.34
142.250.186.70
146.0.227.109
146.59.10.80
146.59.30.108
147.75.198.217
147.75.85.234
148.251.139.77
172.217.18.2
178.250.2.131
178.250.2.135
178.250.2.146
178.250.2.148
18.133.111.12
18.66.139.56
18.66.97.10
185.184.8.90
185.255.84.151
185.64.189.112
185.86.139.94
194.247.175.25
194.247.175.26
194.247.175.38
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.80
2600:1901:0:76b9::
2600:9000:20eb:8c00:1b:5138:8a40:93a1
2602:803:c004:200::140
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3030::6815:5525
2606:4700::6812:7f05
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a0c:5c81:5142::2
3.120.120.86
3.126.56.137
3.33.220.150
3.8.108.133
35.186.193.173
35.244.159.8
37.252.172.123
45.133.44.4
46.249.52.249
51.83.220.94
51.89.9.253
52.222.236.63
62.149.0.72
99.81.70.153
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
010fc49006208426914e70347c6f84561073cba092232280b8901de805071508
03d6145a857d86defd62c2424232241b5f126db974f1d17f4bd8b1a8e678260d
059e09ab2a9506e7809a1d952f005532229db1c89b3fa6bbaaad4292aeddbddd
05cabacfb913494a2aa4a7456edde299adc54abe9e6228748feb849adce9185c
0794b9a67a407f7032a86d5b5db6ab1c2ec16d05118d0aa080c6ef7eeab58412
0a3a92c5307798ca9d5ae76a1db018bbffa8cab6a672c82fde508c7c9536c46a
0a69c40ed5b3241c8df9a85c29b3164062e43c0b721e5ca2934965d1aede3397
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d90464ee9b1b63f4d25925a108c27f80ab2f2329d0257bfa5332caac8dbc90c
0dc2003f3aa835a39406a88f7f79dae2998de152accf3974efc168bb40839bae
0f88ae63128481eb45ee723fb36c422fcb8df2901050ac7e33987fc80cc89328
0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12048eb039a836906a3a799018735711add81d651a6e111eafbda8e4951c1fa6
131432643e0165e0a7f83cb2265dd8205d737daebd1018baa23f8e9092c873dc
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
148a6268f4df5f8b0a298dc702ea68501fed607179676913d080af1525a46405
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
16f60a886f27383f8a1fdf605efc175370161962920174e49a2f446b5af172bb
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
19efd060fb8e2136420342b8dc60dd738f0dfcffa1704f92a72f902f6748f70a
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
2136d5fe89f1ccde0114a6424759b3c69f7c57c1139c0ce88f9d01268a5b2e24
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2989d122b428032347ee59214588caa9b61ff760ead0a8d23637af3728222143
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2bb92adfe18053c1a9c970e62deb3c731c64dfb05695362668d5bc5bf95a7bcd
2cc036c2682a191b5c496cc2556a5a5dd35b3d353ef1c4c53fabbae483ec5588
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed29ecb64c40cba3d32f44c6e17c3e985b9ea42d824bddcbedbd5a39792dc97
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8
3825b2a1d4dfe040dfd3b7cbcf55cdac3837bf91457f0b5fcb15e5e0923d3f0f
39c304359e87866845a2f5eb25583249a5e95370d60a7bec5e0f874a4613981a
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6
3c342cf44bda3d1aa3ffe18e68360b534b97a015eef7ce00cbd7ddf4ed265952
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
4530df8aee209a327000bc9da93db8a487af0941c3498ce1401f2437be5e6c8f
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a
45c8c61dee1fa623f68cb4e37cfc3d2859667d0e3472475e20f81cdb4114bbed
45fedc8f5c69e9cc52e3d87f0f394eab393bcc04687e4565932670363254d212
45fff35851d8c34ef6df7518b3b26356694076eb620c43396638fa12a1edb2aa
47727881bc948609e9e54a1582861ee99343b60c620b4d8b76f8b197bdd93281
47b0f36d04c917e0298fc6b93154020c2091dc5db7210b9db17888230f0541e6
4805c87d89196eff610a6e6adc224e70b01790e9fc7938b24d54abd4f61ec22b
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053
490dd9ddf55f4316cab45b0f87f2fb739a1657d39b8c84f92c693fa193a6925a
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d569e83f62183eeb0feb40de8c366cc3d1664f246279c6c319c72463b949455
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7fe4a04340c47cf1fa1364dee49a7300b931943b3b84fedce3444e6e664890
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
547acc9e82421e913029cc4fb4e65cf7273c615813c18e504b4ac7847b00658a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56aa55141d1f2313d6b6eeebc80695337480d63e84f000eca5f1d5fe9054d8d0
56bb7a6eac934a6e765adaecd70d164730a7bd811aaad98e63e4a7f0b4f06bb9
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5a748bf4e1de84386c5aef3cab3cf7acf1508b099a53dee9915f718a73321230
5b03423b10570e63499ba1bce1661cce400537c6f1202c1e2d750b418227c3a5
5c0c70dc847c4285694bb65e01b295c435620a4c9fef463cf5504ee40d25c821
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5dc0702dec75bdeb8a67d19957304730cdd4aa53bd1a940ba00ba31b6256a624
5ee00fad2265577bc5be56bc69c1e8c1071a4b201a5b9bd523c7204a54c31a28
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d5810d0ad9f0dce3a4aaec9dc4240f5dfeb7e65659f490a4d7891c03a0bcfd
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
63c8520eb549db1fe0d18ae74dd243b2442c3880b0219bd4635d4b8c9bb4eca7
657e07a55f961a681edb0af46650e3f9def875b0a521e2eafd07405be688ccbc
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6903e81927c3f3e28ae08163d84178c351135f4d0853e83f76ce32aa1117905b
6ace42c213508ccdc1bfd2ce43d508cf8691e6d7591fdd51fe8290ec2ef0dd75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902
7334b0214e5ba95603856bc1c5135143f1954893ea7d459c1841ebc7185f09c6
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
76074bb710aa7fad1e81b7b1bc210e4f5aa7469159da7f3888310e42e1548ee4
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
77d48e4f45ee4d8312f0297cc2c1aefd9b638f4e75090ba04f9a2e96228c43f4
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53
7c7cd8ca0696fad2662a0b9c3f9daf636a943bddfdfc4b789af9fbd08f47eede
7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5
7fa72974d5786f991bf53f9bab1a40a1cbfa90dbcab60743c1fbf31850d0dc70
807ff9f64aca022eca6aded14b0aa128abb57266e851445bfe60f9428665b320
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
8594cb2dc9610a76971289bc99a642ef0c8b4fb4746e8c2f65c8f3db5082f3ed
85ed9324626f3a3ef60fd5d14ffc9fa94f572e3aad145af582b3d4b6f4bc6d46
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87d710f5ddf668c92c4f3d3cc93c7fb8cfec48960b6c9b262d4bb7b378250787
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d399297a6cd103e21da435aa516732e7601d03c9c6ea3e3fc83b91419c26181
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
922aea1ffbd0cd401297921a9b9b4f24027b3076907d61ebb03e06e18e727963
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
978f5fa8b0a82b426c4fd10ce8ea4d9e6729d2892e85116e02f4eeb545e0794e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98d0efb40f4752c638f9b559454abcf62ab864a1409911f96fa06e007283fdb9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9c7c7a2566206579c37d51ff0dcdccada9db6fbc903053184f7f40238bcc3663
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9e072ca829803dd367110f3c3af587bfa79e09d975ed534a402ef1b337c17a23
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5511a978a9bbc089e50eb8de309f12fbb9e6e3d6f6585ddda716bec6c827694
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a65e12985d44f14398aa11d74fac822e2dd0318b5a02aaf3bf914756d653e98d
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a68ee329242c21bb3d781ad909246ee7227ea093accc6f91862b077ea0b30d
a9815a218a8880a5fd082882093e52ac35d40d9a773e854bdd069d8f7bbdd1b9
abb8b186d4a9460e5976f8f6bf7d35344cf80526c73e60fbbc2698066b006713
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b243c676027af3bc0d693e59255412a4a2b5ff61bca542e2d23ed1cad8c971a8
b493e2e2fc6205daea36c1339205681e5cbaf2c816401d9d52baf9c30e19c17b
b5d59cabb74825156b2bb79c42dfa9f625e1ea9c99fc1d404acacb4f93314b23
b98dc70933322d9f63a2970ee857ef7a57c1bbf71fea07f9322312b001959ac5
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bf3e6b9fd59c73ad7242dd8173dfa89a97b23d59eb62624226c48e7245179964
bfc54f34301ba9211903b66d11c74eba9ef94ef42c48e9bea5f688e706b569f3
c0023c4051ba86e34d4b1cf8ddbc6dc87a3220574b9e8926fcaf677f580ee697
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c550f80f041ce40006bbf0bc592219f5cc31f8ecb7d37241c3a7f5c00c204902
c74ec4606bd3cfca5f069daf66b9d7d5ce9656f0c9aec93bc66a4ee088c5485c
c7c271659388528625f91e9dee25d58198b53c57c451ec10140ed28396ae4019
c82c236f68101d046ca39f124a51791e9287b8f89bae3317c224cd30b5c52c13
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cedb85b6d519df852b315f5696525e3f1721741b2f385692d88b007c54ac3899
cf5eae5065557a71ee9ca42b6254571d78f4f6543267d86a024f811ecdb3de26
cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235
d071426c6d2cbed63eeb1df70d8449cb0a0cba82c11deef4f17d5283a570721a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d6ea0561bbb9cf46b9519c118f83a4445820cd7c98d92a34ffa810dbe0c53e3d
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9d78d77ac22738553a7568e8588eaf77e1519d70004b7a3f175a21e8db9c84e
db594b4f38b5bd46f7a1eebe2eac37f61ed967b5ecd61dcd1ad08e71dfa221fc
dbc354859fef7dae46a4e2bf46dd588a370af74891a423c519c8a7708b513f8b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e37124c947efd10b06a9586590d150133cd5a17d85d62f5b37edd00d3bae53bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e8ff2f9c8c431b96699714b654c5f0aa61feb35f247a8a647170b2a47d8074a5
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ece6c9b1d1c1fa8114b9955322df55bb60c35a2b9ece46af5f3ecac109340c3e
ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d
ee7295cc1684ca82dbf34fbae5c755d532036e40db4581d82e64016532294b25
ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19a81e0193baed876619656d0c3867e85af4a1fa292969fd3928c37af4acedd
f19edd43c8291933b70acf5ce715590f9487488781287063bd91dcc8a23de399
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f304834401b77a8e3f5458cd78e65052aafb28552a5a5f10f3c6fce8a4b995c3
f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc
f6e598bc78be7182e1eb3692433a25a7fa3706dd0a6b028f48b29bbb9dd952e1
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809
ff5784ee41f5d5fae982c0469b9f0029d45cb54e6bd99e9fbfe0ffe2fc5f5170
ff87e6c7dc497671879e3b80393ac9fcc1f02bd296773bbf88936bae324e878f

1plus1.ua Open in urlscan Pro 195.137.240.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

325 Requests

91 %HTTPS

41 %IPv6

53 Domains

85 Subdomains

72 IPs

11 Countries

8883 kBTransfer

16003 kBSize

66 Cookies

28 Outgoing links

Page URL History

Redirected requests

325 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Screenshot
Live screenshot

Full Image

325
Requests

91 %
HTTPS

41 %
IPv6

53
Domains

85
Subdomains

72
IPs

11
Countries

8883 kB
Transfer

16003 kB
Size

66
Cookies

325 HTTP transactions
6 data transactions