2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2plus2.ua/
Effective URL:
https://2plus2.ua/
Submission: On May 05 via api (May 5th 2022, 10:11:55 am UTC) from GB — Scanned from GB

Summary HTTP 262 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 38 domains to perform 262 HTTP transactions. The main IP is 195.137.240.82, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 2plus2.ua.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.

This is the only time 2plus2.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	195.137.240.82 195.137.240.82	29389 (ASN-UNIAN) (ASN-UNIAN)
55	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
10	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 8	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
11	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 8	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
2	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
2	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:1761	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a06:8640:454::2 2a06:8640:454::2	55081 (24SHELLS) (24SHELLS)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
4	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 9	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	100.25.50.170 100.25.50.170	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.186 54.36.109.186	16276 (OVH) (OVH)
262	53

13 195.137.240.82 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

2plus2.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid4.tsn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1761 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.50.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-50-170.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	1plus1.video images.1plus1.video — Cisco Umbrella Rank: 285177 api.1plus1.video — Cisco Umbrella Rank: 170009 1plus1.video — Cisco Umbrella Rank: 131457	4 MB
29	googlesyndication.com 67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	149 KB
16	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	321 KB
13	2plus2.ua 1 redirects 2plus2.ua	142 KB
12	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	3 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 316	223 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 760 csm.eu.criteo.net — Cisco Umbrella Rank: 6365	165 KB
10	criteo.com bidder.criteo.com Failed rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9640 ads.eu.criteo.com — Cisco Umbrella Rank: 6296 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8670 gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931	27 KB
10	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 38850 ls.hit.gemius.pl — Cisco Umbrella Rank: 9907	36 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	213 KB
8	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5069 ghb.adtelligent.com — Cisco Umbrella Rank: 6401 ghb1.adtelligent.com Failed sync.adtelligent.com — Cisco Umbrella Rank: 5011	35 KB
8	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8740	19 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	323 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1591 i.clarity.ms — Cisco Umbrella Rank: 2437 c.clarity.ms — Cisco Umbrella Rank: 926	26 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	40 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	506 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 imasdk.googleapis.com — Cisco Umbrella Rank: 439	335 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	129 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	428 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7978	1 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2633 adservice.google.co.uk — Cisco Umbrella Rank: 3762	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8536	17 KB
2	1plus1.ua assay.1plus1.ua	23 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 20814	112 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 915	616 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	553 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5779	171 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 20046	375 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1119	356 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 663	1 KB
1	a-mo.net prebid.a-mo.net Failed 1x1.a-mo.net — Cisco Umbrella Rank: 4127	89 B
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 3293	499 B
1	tsn.ua vid4.tsn.ua	712 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2996
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
0	adnuntius.delivery Failed ads.adnuntius.delivery Failed
0	adnxs.com Failed ib.adnxs.com Failed
262	38

	Domain	Requested by
54	images.1plus1.video	2plus2.ua 1plus1.video
15	tpc.googlesyndication.com	2plus2.ua securepubads.g.doubleclick.net tpc.googlesyndication.com
13	2plus2.ua	1 redirects 2plus2.ua
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 2plus2.ua tpc.googlesyndication.com srcdoc www.googletagservices.com
11	securepubads.g.doubleclick.net	2plus2.ua securepubads.g.doubleclick.net www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	www.googletagmanager.com	2plus2.ua 1plus1.video www.googletagmanager.com
9	static.criteo.net	player.adtcdn.com static.criteo.net ads.eu.criteo.com
9	www.google.com	2 redirects 2plus2.ua api.1plus1.video securepubads.g.doubleclick.net tpc.googlesyndication.com
8	a4p.adpartner.pro	1 redirects 2plus2.ua a4p.adpartner.pro player.adtcdn.com
8	gaua.hit.gemius.pl	1 redirects 2plus2.ua gaua.hit.gemius.pl 1plus1.video
7	www.google-analytics.com	www.googletagmanager.com a4p.adpartner.pro www.google-analytics.com 2plus2.ua
7	fonts.gstatic.com	fonts.googleapis.com
7	api.1plus1.video	2plus2.ua 1plus1.video api.1plus1.video client imasdk.googleapis.com
6	s0.2mdn.net	2plus2.ua securepubads.g.doubleclick.net cdn.ampproject.org imasdk.googleapis.com
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
4	gum.criteo.com	2 redirects static.criteo.net
4	googleads.g.doubleclick.net	2plus2.ua
4	i.clarity.ms	www.clarity.ms i.clarity.ms
4	www.googletagservices.com	api.1plus1.video vid4.tsn.ua securepubads.g.doubleclick.net 2plus2.ua
4	1plus1.video	2plus2.ua 1plus1.video
4	fonts.googleapis.com	2plus2.ua api.1plus1.video securepubads.g.doubleclick.net
3	mug.criteo.com
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	c.clarity.ms	1 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	2plus2.ua
2	pbjs.e-planning.net	1 redirects 2plus2.ua
2	connect.facebook.net	2plus2.ua connect.facebook.net
2	cdn.mouseflow.com	1 redirects 2plus2.ua
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	player.adtelligent.com	player.adtcdn.com
2	assay.1plus1.ua	2plus2.ua
2	player.adtcdn.com	2plus2.ua
1	id5-sync.com	player.adtcdn.com
1	c.bing.com	1 redirects
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	2plus2.ua
1	rtb.nl.eu.criteo.com	2plus2.ua
1	www.gstatic.com	www.google.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	sync.adtelligent.com	2plus2.ua
1	67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	1x1.a-mo.net	2plus2.ua
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	onetag-sys.com	player.adtcdn.com
1	fastlane.rubiconproject.com	player.adtcdn.com
1	inv-nets.admixer.net	player.adtcdn.com
1	www.google.co.uk	2plus2.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	vid4.tsn.ua	a4p.adpartner.pro
1	www.clarity.ms	2plus2.ua
1	script.crazyegg.com	www.googletagmanager.com
0	hbopenbid.pubmatic.com Failed	player.adtcdn.com
0	ghb1.adtelligent.com Failed	player.adtcdn.com
0	bidder.criteo.com Failed	player.adtcdn.com
0	prebid.a-mo.net Failed	player.adtcdn.com
0	ads.adnuntius.delivery Failed	player.adtcdn.com
0	ib.adnxs.com Failed	player.adtcdn.com
262	62

This site contains links to these domains. Also see Links.

Domain
1plus1.video
1plus1.ua
tsn.ua
plus-plus.tv
tet.tv
1plus1.international
biguditv.com
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
vb.me
t.me

Subject Issuer	Validity	Valid
2plus2.ua R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
assay.1plus1.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
adpartner.pro R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-11` - `2022-05-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.tsn.ua Go Daddy Secure Certificate Authority - G2	`2021-10-11` - `2022-11-12`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.a-mo.net Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://2plus2.ua/
Frame ID: CC1386B88FD127D633720F133482682C
Requests: 126 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Frame ID: 814248E3492844E7F896467704D60D51
Requests: 44 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 7B5AB525D8B983248536F36535C9AD56
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: 81EB9949226F564B7F893A6115E72D45
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=3167945504004233&apuid=df40e55d-b86e-4599-bed9-72fdc530c105&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Frame ID: 6BD2CE14B1AAB3281426DCF2591D4402
Requests: 3 HTTP requests in this frame

Frame: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=f0a4a360-811f-4989-97e0-bd45f31f7d96&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Ff0a4a360-811f-4989-97e0-bd45f31f7d96%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUxNzQ1NTA4LCJzaG93X2lkIjoiZjBhNGEzNjAtODExZi00OTg5LTk3ZTAtYmQ0NWYzMWY3ZDk2IiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImRmNDBlNTVkLWI4NmUtNDU5OS1iZWQ5LTcyZmRjNTMwYzEwNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3D1f3b31adf1d2d06084d1524903443ac8&bannerNum=3167945504004233
Frame ID: EA5DC858C2F8AD951DD0811B163C092E
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522df40e55d-b86e-4599-bed9-72fdc530c105%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A382581%252C%2522rule_id%2522%253A24566%252C%2522show_id%2522%253A%2522f0a4a360-811f-4989-97e0-bd45f31f7d96%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f0a4a360-811f-4989-97e0-bd45f31f7d96%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Frame ID: 967FA288784F4399F621D10819C977CD
Requests: 1 HTTP requests in this frame

Frame: https://67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 78A01F99A225E41075917FC19969999C
Requests: 1 HTTP requests in this frame

Frame: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3FDDFA207187C26280D1593B7D680A4A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7524192B1A5DCDF422DDC4176887C151
Requests: 1 HTTP requests in this frame

Frame: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 720EFAAA79CA36FA403849C5DD5DBC29
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 111E4CE68080A3020FCD27C0232A8BCE
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: EA7B972C24FFB8ABC8115A9630B79543
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKcaLsUSXkfy0phpshsYN81ZmFQ4NjetyEQOq-cc0CgLgzTNqOglB39anZuNn9sn_HAJOYoErrfuseDmVzNdZi827rqLHx8R-iQDQKa6B14kUHIFZcHivOiOgQK4_hjLRBy5u1YI13YoFd1bLurf_GB_OH25f0KCXofcSz-c39jK_catr9Sm3oLP3jhEgsFFxbopd9j6kloTbZSw-jW-cCN0e0uHikYGH0HZV3nd8Uc59dT5DOWykOVvP-kJt2nhgVCyIjtpWROdI2nnlCtLRrqAgkBi05JUyh7hPz07SnSqzLr6Et8m0_kMBbXMBNT369jxFKUwunGA&sai=AMfl-YSbEx9kyMPJCCB5j38-y8tVc8gHiHyiRiXXtwWA6cCnN8p9XOupcrzBn5IcihMW61fv_N49minzPsG_aXZ3_h_h3HXJs77zcREpy7vSEpKYPXYbECk3IDo_h7lzBxQ&sig=Cg0ArKJSzPLzF333IYurEAE&uach_m=[UACH]&adurl=
Frame ID: D6F482488A5D677D9879F83FF43BB427
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmTcp5KJzYrGFO4j23gPYgoPwAeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzOgAb3UiOsDyAEJqQLNib5C9g-1PuACAKgDAaoEjwJP0J1nVHtawaqAkohawa_SKhIH0e_MS8_cwGhGefeEGQ635D_fEM9Y-AV9w9PBJFVwwkGBrPryPJTUCfk1_aKXibBIwPr3dNUyUOus3kro3g3Z5PSOItkZ-NkUqzGWdBTSek1sUFyFfPDgP5TYMBHGG3vQtoMsQx66ns4IYXiR0koXTNKzjCdxm2GYttEUPsyIKYy77zrGnWclxY1voS3odcf19UYbJERvrVvG6WoXqbAgz_9ERPs8L4WnPux2kR3BCfYTzunnt_6Fwr13JoXL3P3LLJoAUyqlHMvSzpH4KNFPfq4RneCBnCQbjex-LNl_Ea97tAoP7voIENn38rKmy6wfMg34mHGn-hQ5LJPA4AQBgAbcyIyRkuuory-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=Nh1JNP-WcCQ&uach_m=[UACH]&cid=CAQSGwCNIrLMLi_nkd3q1JgidgHPDoipLbj3QLEgDRgB
Frame ID: BA10579BAC7BDE8EC233796669C24BE6
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnOi5AAOwrEKd7sIAADBWG7TAIWxHuIwK_h6VQ&u=%7CDHHM39QCX%2BvhCIdtqKzOFJCStUqfH0fV309Szxe5SJc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9dFO_bYoBKF4-3YiKKfdu8V59K61oVU1gE1IpgBQzECWALFzzeKo8eJoBDM-b78G3zHj9AQ3l5brjxSUF1tTTNP7hdRjCSD_JFg-_q-kRGj531-yVzHwIflACkjXUrUH4LxuUla_t9Sv0jJLpRR9wHaUfrqOw-qsX7Y2W6USDZShloyIhjvCtj1IGy2wbBMpH-FQiDEvIzOeTL3jdV5dTaD7J371XJZOELua6ki-IvfoZ8uNnD9jeNwTt5UzsYEjMA2wtWIvYBa0js87rRjW3yTSrhMLXOLrSvlDmtHhiDfCFIkfk72ZHSvTPLNEHnCvXJLBtHqjZdCxKF5r8MD1lJ4dWHnzu-Zxfwpmw9q7cInm8YYOREINSZAZINeZNMRwkMX3ULrxgLxdCwWSOqWgX-f5EACPp8X8z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7tr_5KJzYrGFO4j23gPYgoPwAeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzOgAb3UiOsDyAEJqQLNib5C9g-1PuACAKgDAaoEkgJP0J1nVHtawaqAkohawa_SKhIH0e_MS8_cwGhGefeEGQ635D_fEM9Y-AV9w9PBJFVwwkGBrPryPJTUCfk1_aKXibBIwPr3dNUyUOus3kro3g3Z5PSOItkZ-NkUqzGWdBTSek1sUFyFfPDgP5TYMBHGG3vQtoMsQx66ns4IYXiR0koXTNKzjCdxm2GYttEUPsyIKYy77zrGnWclxY1voS3odcf19UYbJERvrVvG6WoXqbAgz_9ERPs8L4WnPux2kR3BCfYTzunnt_6Fwr13JoXL3P3LLJoAUyqlHMvSzpH4KNFPfq4RneCBnGYZrH6tjit6gl10LIlrclELBNNL-Jy-ECKEVpFZJ2-L4sW-xpZTVMVB4AQBgAbcyIyRkuuory-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wiJPV1efBfZqYUOoZgzvJnt28mw%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: 56C4A4465E25453EB7839B790CF5F66F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF1088E4B44E93650BC849532F0124EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 608D98AC8B9E944FA9CFEAEA9521DA98
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3DA208A384E71DFF476F821370B172E2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.513.0_uk.html
Frame ID: 08F6738C99B667174AF7ADAC3E779A2E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E53EBEC3176663D4DD2012F50E608AD3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Frame ID: 7FB9E538803892B90326532A9952A5D4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AAE2BC36104FEB2EE71E940F2565829
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E7A78B388EDCBA121255E7978A1B949
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2+2 - Офіційний сайт каналу онлайнKyivstar

Page URL History Show full URLs

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

262
Requests

93 %
HTTPS

57 %
IPv6

38
Domains

62
Subdomains

53
IPs

9
Countries

6754 kB
Transfer

11713 kB
Size

43
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/groshi
Title: Гроші

Search URL Search Domain Scan URL

URL: https://1plus1.video/sekretnye-materialy
Title: Секретні матеріали

Search URL Search Domain Scan URL

URL: https://1plus1.video/speckor
Title: Спецкор

Search URL Search Domain Scan URL

URL: https://1plus1.video/zateryannyj-mir
Title: Загублений світ

Search URL Search Domain Scan URL

URL: https://1plus1.video/dzhedai-voiny-dorog
Title: ДЖЕДАІ

Search URL Search Domain Scan URL

URL: https://1plus1.ua/

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: http://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://biguditv.com/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://1plus1.video/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: Кар'єра

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: Технічний розділ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.facebook.com/2plus2.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0rUcXe-tsu_MA33brxjDNg?sub_confirmation=1#utm_source=1plus1&utm_medium=social-button-header&utm_campaign=youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/2plus2tvchannel

Search URL Search Domain Scan URL

URL: https://plus.google.com/+2plus2TVchannel

Search URL Search Domain Scan URL

URL: https://vb.me/2plus2

Search URL Search Domain Scan URL

URL: https://t.me/channel2plus2

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js HTTP 301
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

Request Chain 88

https://gaua.hit.gemius.pl/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=z.mLSBi3ad_iLLjZqynTDFbkrTMJGKb8WH5yrUIbhGX.37FKm49pxBfRBp66uG2tJv6FkRn8jrQlZYKAF_TSycamuar7/X1CAMYW3LnJ.X/&fpdata=eozQ9NxgOwiBLgZNui22nu4YhV2PhIwTV82G0RtOiZX.b7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=z.mLSBi3ad_iLLjZqynTDFbkrTMJGKb8WH5yrUIbhGX.37FKm49pxBfRBp66uG2tJv6FkRn8jrQlZYKAF_TSycamuar7/X1CAMYW3LnJ.X/&fpdata=eozQ9NxgOwiBLgZNui22nu4YhV2PhIwTV82G0RtOiZX.b7&vis=1&fpcap=

Request Chain 117

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0173205c-b247-4248-bf4c-697697c6eda3 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0173205c-b247-4248-bf4c-697697c6eda3

Request Chain 127

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=df40e55d-b86e-4599-bed9-72fdc530c105

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 245

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&RedC=c.clarity.ms&MXFR=21B296F69E206BE9303F876D9A206524 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&MUID=0CAC3596CB0A639E1504240DCAEA6236

Request Chain 252

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_IUIOHxQUW1uSGsrUm9DQTh3czlySjNQUmNpbEZob0tHdlBBNGhTTEQvVm1zN0N4aDY3TG1kcXg0Z3Vzd3A2ZXVpWThoT3lzc3B5Q2tUQmh3eUpSRFVWb1hUb3dMTDgxSWRhTzBEbW02cCt6LzJST0wyQUtEeHdOdUNPOWZmN3VkWGlGMEFES1dCbUhVcWVhVjN0RHlkYm9aTzAzNHlacy9pV0pETlJJQWl0MDN6ZmZxT1l0aUZwbzdCWGFvZWt5a2NXUzg2OHd4MnE0cEhEcWdpTE5HS1Vtc2VlSm5Mcm5wK0VUSTZCSWhRUHFLaTNvS29xelB5RGlQNUxBbThVMmdpMWJnUmhBSit6TWxTb1dISENUaENCV2ZoUT09fA&cppv=2

Request Chain 262

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yCRVhXxIZy9QbC9oK0NMSVUzUGkyZ21TWUZMblUzRUxMVlBPNlFDYkFuWUdDTk50cHYzM1pUZDFOWGpqWDNBWlF1aFE2eEZqN2F6YUJmNHl5THVrMDdtL1VmSkk5aEFTY2JvWDc2SGEzbFl4bW5yN0RwN2U4WVg4WVVTbDcrdEVrRGxjRHpNREI4cVhRQ3NST3FFbnBOZ0JTS0RsV3E1ZmNZd0RSemhMcVo0aVl6RW5GL2liNU0wdFRMRDl5WEUyTkZRL3pVU1lOWXR1OHpBazcxZjdmcU5CQTMwTGJSSlJieVB6Q3ZQaXpRdWR0ZGUxWVcydWc1VVFHZG5LZFpiV2JMb2lsKzJhVnp4clJ3Z3JRV1JXVG1XUkZpdz09fA&cppv=2

262 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
2plus2.ua/
Redirect Chain

http://2plus2.ua/
https://2plus2.ua/

127 KB
30 KB

541ms
318ms

Document
text/html

195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 6d32f601c4a70fbe6bef70e5bb4e5de954c403f3c6ddc2a863f5c1dc1cf08096

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 10:11:47 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 05 May 2022 10:11:46 GMT
Keep-Alive: timeout=15
Location: https://2plus2.ua/
Server: nginx

GET
H/1.1 200
OK app.css
2plus2.ua/css/ 163 KB
34 KB 78ms
78ms Stylesheet
text/css 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK codes-initialization.js Show response
2plus2.ua/js/ 2 KB
1 KB 153ms
74ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:57:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK logo.svg
2plus2.ua/img/icons/ 574 B
883 B 214ms
72ms Image
image/svg+xml 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/icons/logo.svg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Last-Modified: Wed, 19 Sep 2018 09:53:34 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 574
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H2 200 8be2db6ae74b495eecb11f20b9f10d21.jpg
images.1plus1.video/other-1/ 88 KB
88 KB 459ms
230ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/8be2db6ae74b495eecb11f20b9f10d21.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2f488a23fe332868855dfba61081897ca435847b702c9a574fc5b6392513ab62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 29 Apr 2022 08:10:34 GMT
server: nginx
etag: "8be2db6ae74b495eecb11f20b9f10d21"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 89630
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 ca1836bd902c6f0f23393c72cb6421af.jpg
images.1plus1.video/other-1/ 92 KB
92 KB 602ms
373ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/ca1836bd902c6f0f23393c72cb6421af.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ffd4dc484943174781bcde95fc3eb8a447c4b210f31db0652aadbe21fae2fbe8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 29 Apr 2022 08:09:50 GMT
server: nginx
etag: "ca1836bd902c6f0f23393c72cb6421af"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93803
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 9aed58140ddc43784c1811fb67b52eaa.jpg
images.1plus1.video/other-1/ 90 KB
90 KB 535ms
306ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/9aed58140ddc43784c1811fb67b52eaa.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6ffa5fd683a8e61e0a4e754b3e49b86bb60102f2f8a49fe436246fe9f75cc056

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 29 Apr 2022 13:07:29 GMT
server: nginx
etag: "9aed58140ddc43784c1811fb67b52eaa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 91669
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 e2861f1619973d76f56ed0df427c3c2d.jpg
images.1plus1.video/other-1/ 92 KB
93 KB 661ms
433ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/e2861f1619973d76f56ed0df427c3c2d.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Mon, 14 Mar 2022 09:09:43 GMT
server: nginx
etag: "e2861f1619973d76f56ed0df427c3c2d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 94507
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 1ebf449600f92efe2591f96ba554c138.jpg
images.1plus1.video/other-1/ 16 KB
16 KB 553ms
361ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/1ebf449600f92efe2591f96ba554c138.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bf0580d31e1287915cebdeb747e7e7cf1018948bcc1a78e635e8221ac8cb6c1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 11:50:34 GMT
server: nginx
etag: "11ca0737cd350cfa0419c351b2a19ff2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16522
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 6de8cd46fafe694d82523077b82fb064.jpg
images.1plus1.video/other-1/ 22 KB
22 KB 625ms
433ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/6de8cd46fafe694d82523077b82fb064.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 13 Apr 2022 17:04:07 GMT
server: nginx
etag: "d4e63aed867ec770d35150e553ced06c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22460
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 d4ed0d54bfb6e613f8c2969231c5f0a8.315x280.jpg
images.1plus1.video/news-1/43314/ 38 KB
38 KB 350ms
158ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43314/d4ed0d54bfb6e613f8c2969231c5f0a8.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b8932e55bce97d6d35de8202e904b5e2a193e581de1f9774ee52c30a4855a72f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Thu, 05 May 2022 08:58:06 GMT
server: nginx
etag: "e52f489f759943e19a4be13aa287b3f7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38932
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 1c94ea47d97a5939dedd33311c9d087a.315x280.jpg
images.1plus1.video/news-1/43311/ 31 KB
31 KB 623ms
430ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43311/1c94ea47d97a5939dedd33311c9d087a.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8d1c57b01007eaa4933afdfbc828a409c8abf496e5ddb0f39a376653578a7ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Thu, 05 May 2022 07:39:51 GMT
server: nginx
etag: "d789dd3aadb4857e266a3e011051b6e8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31678
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 915ca31d03c74c4d19a319110f65b8e5.315x280.jpg
images.1plus1.video/news-1/43308/ 39 KB
39 KB 441ms
438ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43308/915ca31d03c74c4d19a319110f65b8e5.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2c6f8514aff1ae9881bafc5480a32f95aa0d897292b1193b8980c240db5b9319

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Thu, 05 May 2022 05:35:56 GMT
server: nginx
etag: "fab127db3c608aaff70c23cb0f341fe6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 39793
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 009c77f1e8cf2314913b66c27b29ef46.315x280.jpg
images.1plus1.video/news-1/43293/ 16 KB
16 KB 442ms
439ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43293/009c77f1e8cf2314913b66c27b29ef46.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5bd4028a13823e4cb51c6ed68de8c7caf866e65a3aff354f7f8b825e5162db06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 18:13:03 GMT
server: nginx
etag: "3847703b3cac6be7d73dc7287c736316"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16329
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 c99c91d97b019d6c6eb8dde20c01c8f8.315x280.jpg
images.1plus1.video/news-1/43290/ 29 KB
29 KB 445ms
442ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43290/c99c91d97b019d6c6eb8dde20c01c8f8.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 45ec126404f27bc9fdaf8459a6031b49e175e642b9271fbe155351dd40c3323a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 15:33:03 GMT
server: nginx
etag: "4de5179bdfcaeb423a128e51ee2bd6dc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 29224
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 fd793c49267550cfbbcc77a2c4b655fc.315x280.jpg
images.1plus1.video/news-1/43269/ 23 KB
23 KB 370ms
367ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43269/fd793c49267550cfbbcc77a2c4b655fc.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6d42b2dd7915d0fdf5a29856c1d3676a136c81749136fdc5f5982de1b920fcda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 08:56:58 GMT
server: nginx
etag: "b510f0f779eb473501799ef044f5b5e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 23741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 6b4d694202cfe45f2f04b8f41205095b.315x280.jpg
images.1plus1.video/news-1/43287/ 53 KB
53 KB 459ms
456ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43287/6b4d694202cfe45f2f04b8f41205095b.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a31a5a6210be0318a982c5ff4dbd05d8c4181a45e372c1996e61648b6ec1f8a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 14:30:42 GMT
server: nginx
etag: "d01435009df63a5ac66d709e126c739b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 54167
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 199dad71dd6043526fd7109d6cf6229e.315x280.jpg
images.1plus1.video/news-1/43263/ 29 KB
30 KB 371ms
368ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43263/199dad71dd6043526fd7109d6cf6229e.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a691f57079e070b3ea5d9c8216aaa72f97dbb23311be026e34f9fb38e8375a42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 03 May 2022 21:21:38 GMT
server: nginx
etag: "f87ecd7d5517c086f5587ae4caea432d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 29929
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 a4d08bd4994e14c9955313db91f9a5d4.jpg
images.1plus1.video/other-1/ 134 KB
135 KB 442ms
439ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/a4d08bd4994e14c9955313db91f9a5d4.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Thu, 14 Apr 2022 11:33:41 GMT
server: nginx
etag: "847844816f7853a633ce073538d91224"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 137706
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 0c776be8ccd5367ab0aadcae9171a065.315x280.jpg
images.1plus1.video/news-1/43284/ 21 KB
21 KB 527ms
524ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43284/0c776be8ccd5367ab0aadcae9171a065.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e5cd340aebdac524f66963419dec2aa5ef62af2e968e9aefbea43c786a5a8dd0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 13:11:50 GMT
server: nginx
etag: "20f217721ac45ace57e340c5b3337ffb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21260
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 61cfbef6a021afa1ffe2584014cdabf6.315x280.jpg
images.1plus1.video/news-1/43266/ 20 KB
20 KB 441ms
438ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43266/61cfbef6a021afa1ffe2584014cdabf6.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bebe4fb762f5ea81bc209bf891f5694a01a1972695aa2d37daf097d39265a987

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 03 May 2022 22:08:07 GMT
server: nginx
etag: "4bbba20476397b0f80be7402f36be490"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 20163
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 4fbd677c78e56cf063fa2fddcd3fb4bd.315x280.jpg
images.1plus1.video/news-1/43281/ 17 KB
17 KB 387ms
385ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43281/4fbd677c78e56cf063fa2fddcd3fb4bd.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 07671695ecbfafd1df80c0c7855d6896fc17025f972748ac410e37ac4e11c88a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 04 May 2022 11:41:12 GMT
server: nginx
etag: "c2e583994f137c86a01c53b9fc44a2bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 17109
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
images.1plus1.video/card-5/GRsFFLJ2/ 18 KB
18 KB 386ms
384ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/GRsFFLJ2/3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 22 Feb 2022 17:53:08 GMT
server: nginx
etag: "1fff169ec8591ae472ce69439a5f36a9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18118
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
images.1plus1.video/card-5/ktBGOYx2/ 21 KB
21 KB 387ms
384ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ktBGOYx2/9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 18 Feb 2022 17:38:19 GMT
server: nginx
etag: "e087103a4d5306b33b4a26ca74f46a95"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21081
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 f90d7f24621086ba471318342646e06b.285x285.jpg
images.1plus1.video/card-5/DagrnyGt/ 27 KB
27 KB 371ms
368ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/DagrnyGt/f90d7f24621086ba471318342646e06b.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 18 Feb 2022 17:27:39 GMT
server: nginx
etag: "ca4ef5c2e2792b2dfb7e7787c80e99f6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 27722
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
images.1plus1.video/card-5/nRAVUWV2/ 30 KB
31 KB 445ms
442ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/nRAVUWV2/8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 16 Feb 2022 16:37:24 GMT
server: nginx
etag: "da80bf2f888498741dc109276ffe8f47"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31038
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
images.1plus1.video/card-5/9CmkgJyR/ 25 KB
25 KB 386ms
383ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/9CmkgJyR/68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 16 Feb 2022 16:24:36 GMT
server: nginx
etag: "5bfc6a30c49959728c337dce58dda0a3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25395
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
images.1plus1.video/playlist-1/140731/ 98 KB
98 KB 444ms
441ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/140731/cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 18 Jan 2022 14:42:46 GMT
server: nginx
etag: "8bbc0a9d2074e0f2861716372d19b7a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 100315
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 8789930c322a5a2de04ad202edee81be.490x300.jpg
images.1plus1.video/playlist-1/145042/ 72 KB
72 KB 511ms
508ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/145042/8789930c322a5a2de04ad202edee81be.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 18 Jan 2022 14:41:33 GMT
server: nginx
etag: "6fe6cd0165380ba7809f27a4e2029504"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 73347
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 5dc777c6a08b8536906fff608805f4ad.490x300.jpg
images.1plus1.video/playlist-1/70286/ 100 KB
100 KB 445ms
442ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/70286/5dc777c6a08b8536906fff608805f4ad.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 16 Jun 2021 15:26:13 GMT
server: nginx
etag: "61a7a9a574200a699aba40246cff75f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101953
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 73f64084c4b6012843a0ad4a723ab950.490x300.jpg
images.1plus1.video/playlist-1/93757/ 84 KB
84 KB 387ms
384ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93757/73f64084c4b6012843a0ad4a723ab950.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 22 Jun 2021 07:50:02 GMT
server: nginx
etag: "3fcbb749663669f24ae1bf6426c6776a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
images.1plus1.video/playlist-1/4844/ 97 KB
97 KB 527ms
524ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "a8a6b117d153ff197675175afd73848d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 99044
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
images.1plus1.video/playlist-1/5252/ 161 KB
161 KB 527ms
524ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Fri, 18 Jun 2021 07:37:16 GMT
server: nginx
etag: "f3aeeec15e404524760bdf792fd61b50"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 164699
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ 59 KB
60 KB 387ms
385ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ 32 KB
32 KB 444ms
442ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
images.1plus1.video/playlist-1/4844/ 68 KB
68 KB 440ms
438ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "af334573b8e9890738512cd9a210350e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 69740
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 5ee354d25b6e1328f52453b530bd859f.220x330.jpg
images.1plus1.video/playlist-1/46546/ 18 KB
19 KB 444ms
442ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46546/5ee354d25b6e1328f52453b530bd859f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 23 Feb 2022 11:06:28 GMT
server: nginx
etag: "7037a4d516fbc5445a7d1a251f1a5c6f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18756
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ 86 KB
87 KB 523ms
521ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H/1.1 200
OK footer-email.png
2plus2.ua/img/ 774 B
1 KB 145ms
73ms Image
image/png 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/footer-email.png
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 774
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK ads.js Show response
2plus2.ua/js/ 19 B
351 B 136ms
72ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/ads.js?id=fb4f4a7ed8a8020a4ad9
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
2plus2.ua/js/vendor/ 85 KB
35 KB 147ms
147ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery-3.2.1.min.js?id=c9f5aeeca3ad37bf2aa0
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
2plus2.ua/js/vendor/ 42 KB
13 KB 76ms
76ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/owl.carousel.min.js?id=b7b9c97cd68ec336d01a
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
2plus2.ua/js/vendor/ 3 KB
2 KB 94ms
80ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mousewheel.min.js?id=d5843dbdc71ff8014a5e
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK jquery.mCustomScrollbar.concat.min.js Show response
2plus2.ua/js/vendor/ 44 KB
15 KB 148ms
75ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mCustomScrollbar.concat.min.js?id=42a368e95b4a38989c89
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H/1.1 200
OK app.js Show response
2plus2.ua/js/ 20 KB
8 KB 175ms
81ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/app.js?id=8e88380a7f509a69a305
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:51:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 10:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 10:11:47 GMT

GET
H2 200 hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458818/ 374 KB
111 KB 262ms
106ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 08:58:07 GMT
server: cloudflare
etag: W/"6267b41f-5d9c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXwmY0kRA03Kk7SZChX%2F726btzh8aUvxWm%2FcqhZb2bIwfVqr2CZDxH7bufVNQHKgCYRtI75Zc12bo%2FkjZ3OT7dtSyojFtXPy3pccc8DXgwenSn3nmKBK2zRwvGimc%2BsIkOkmjDcCZPn%2FsExKzwjZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7068b1affec1f91f-MXP
expires: Thu, 05 May 2022 10:19:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 511ms
49ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

780b234b206f3b9fac169be115b90495b905bbb51398dcb124632189098626ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28449
x-xss-protection: 0
server: sffe
etag: "1205 / 876 of 1000 / last-modified: 1651740135"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H2 200 wrapper_hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458818/ 787 B
1 KB 168ms
87ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458818/wrapper_hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Apr 2022 12:46:22 GMT
server: cloudflare
etag: W/"626a8c9e-313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSjOE9%2BtArGR5%2BVOh0OpdMRkLHq%2FL62vS5WiypqezEY6ObfynNzlgNagUDWYpbvCf0IxUHimsKfoDUMBuadgz%2B8OvgUuCpvRlgjBoxYHXhrYoSEWH4RSoWmYrrB6zgdcESrMU43Te5QGywUQf%2F1TQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7068b1affec6f91f-MXP
expires: Thu, 05 May 2022 10:19:44 GMT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 264ms
70ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 03 Jul 2017 15:36:13 GMT
server: nginx
etag: W/"595a646d-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
60 KB 145ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c37ed9f531908e685246b16e07daa1c170118e08ff442d3ed23079a03c424300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61107
x-xss-protection: 0
last-modified: Thu, 05 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 10:11:47 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 182ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Thu, 05 May 2022 22:11:47 GMT

GET
H/1.1 200
OK api.gpt.js Show response
api.1plus1.video/static/js/ 12 KB
5 KB 338ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.gpt.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 13:10:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:11:48 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 187ms
98ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 127450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:47:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 127600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:07 GMT

GET
H/1.1 200
OK 12XPPTDu Show response
1plus1.video/video/embed/ Frame 8142 10 KB
5 KB 362ms
107ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 7cb80600e5a94d1377601ce57410ccecdc6a78a71e3a64f6e89e299469fce7bf

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 05 May 2022 10:11:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 184ms
60ms Script
text/html 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&0.970516047913683
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK pattern.jpg
2plus2.ua/img/ 1 KB
2 KB 73ms
73ms Image
image/jpeg 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/pattern.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Last-Modified: Wed, 10 Oct 2018 15:20:08 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1355
Expires: Thu, 19 May 2022 10:11:47 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ 512 KB
512 KB 443ms
441ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:47 GMT
expires: Thu, 12 May 2022 10:11:47 GMT

GET
H2 200 hbw_release_298309_11708.js Show response
player.adtelligent.com/prebidlink/458818/ 138 KB
30 KB 191ms
118ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458818/hbw_release_298309_11708.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/wrapper_hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ab78862b7b55cf304c19ea338fac95cf92f89fb22bf5e1d619fa2a88e1395505

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 12:46:22 GMT
server: nginx
etag: W/"626a8c9e-226e7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 07 May 2022 10:11:48 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
415 B 58ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=2plus2.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 7b4d209e019d525108a428fb8d0e7cb68682773f4727e4ec5b665b9adcdd4ffb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Sat, 04 Jun 2022 10:11:48 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 7B5A 5 KB
3 KB 180ms
58ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 5386569878747f2828c6208083d18112c85bbbfdd35b3649e39ed092bcb066c6

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:48 GMT
etag: PRIVATE7520710249
expires: Sat, 04 Jun 2022 10:11:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 vunit.min.js Show response
a4p.adpartner.pro/apstc/ 48 KB
12 KB 60ms
60ms Script
application/javascript 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.970516047913683
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-c158"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 81EB 0
0 1004ms
1004ms Document
text/plain 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.970516047913683
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Thu, 05 May 2022 10:11:48 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame 6BD2 5 KB
2 KB 112ms
111ms Document
text/html 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=3167945504004233&apuid=df40e55d-b86e-4599-bed9-72fdc530c105&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.970516047913683
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: aca3b34fb99455fa342d4d89856fdf30d43d066085082f51302c500a4117e70b

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 10:11:48 GMT
server: nginx

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 8142 171 KB
26 KB 160ms
160ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:11:20 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 8142 198 KB
69 KB 314ms
155ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:10:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8142 104 KB
40 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

445d6e1a25578d69c7d03621b9bc0a520434d7cecbe54d76b4cc1014b91b176c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40731
x-xss-protection: 0
last-modified: Thu, 05 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f91108ecc7b1151d5275520fcd26cb102dcda34f6bbdfdf147128192116f699d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69212
x-xss-protection: 0
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6759
date: Thu, 05 May 2022 08:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 10:19:09 GMT

GET
H2

200

960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

53 KB
17 KB

33ms
32ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 09:09:45 GMT
server: NetDNA-cache/2.2
etag: W/"65602a38164fd81:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16879
x-hw: 1651745508.cds233.lo4.hn,1651745508.cds035.lo4.c

Redirect headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 09:09:44 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"d6788a37164fd81:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
location: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16877
x-hw: 1651745508.cds233.lo4.hn,1651745508.cds315.lo4.c

GET
H2 410 3674.js
script.crazyegg.com/pages/scripts/0068/ 0
0 173ms
58ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/3674.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 06:45:22 GMT
server: cloudflare
age: 12386
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7068b1b22a990219-ZRH
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 121ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: pn2ahYIX5+7HR4bzuvj67aN+UYVRrt9+N7fRuHotB9JIcYGSyJIxgfgB4BIm3Ocz6yWuXXAcWMiwXsB6QzAWbQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 05 May 2022 10:11:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 al26fychxj Show response
www.clarity.ms/tag/ 1 KB
2 KB 310ms
161ms Script
application/x-javascript 2620:1ec:27::cafe:1761
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/al26fychxj
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: b193870accab29b89002aaa58e418b4db56e6e42818331efa382c961f804ebab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:47 GMT
x-powered-by: ASP.NET
x-azure-ref: 05KJzYgAAAACPW1fZSfdGTZTDik+A/CpxR1ZBMzBFREdFMDIwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 1535
expires: -1

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 75ms
75ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&idsite=6&rec=1&r=581207&h=10&m=11&s=48&url=https%3A%2F%2F2plus2.ua%2F&_id=e1a6f6062c612d2e&_idts=1651745508&_idvc=1&_idn=0&_refts=0&_viewts=1651745508&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=320

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 152 B
417 B 388ms
102ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458818/hbw_release_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 76aca2a3a5554f3302fb8b7bf6db768cdddd1af7bcd81be8766d03528c39c58e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 152

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 387ms
102ms XHR
image/gif 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=11708&full_page_url=https%3A%2F%2F2plus2.ua%2F&adid=summto.1g&features=16416&vpbv=R053&lifecycle_tte=1521
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458818/hbw_release_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 analytics.js
www.google-analytics.com/ Frame 6BD2 2 KB
0 50ms
50ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=3167945504004233&apuid=df40e55d-b86e-4599-bed9-72fdc530c105&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6759
date: Thu, 05 May 2022 08:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 10:19:09 GMT

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame 6BD2 3 KB
1 KB 62ms
62ms XHR
text/html 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&session_id=0e936290-8a88-4a05-81af-5ae4387491de&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=3167945504004233&apuid=df40e55d-b86e-4599-bed9-72fdc530c105&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: e3183b259c9e857b9698410a6b912450e6d4dc1618853ea757545d4ddfc78ad7

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=3167945504004233&apuid=df40e55d-b86e-4599-bed9-72fdc530c105&session_pageview=1&session_id=0e936290-8a88-4a05-81af-5ae4387491de&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?_t=1651745508137

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

780b234b206f3b9fac169be115b90495b905bbb51398dcb124632189098626ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28449
x-xss-protection: 0
server: sffe
etag: "1205 / 917 of 1000 / last-modified: 1651740135"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 10:11:48 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
166 B 70ms
69ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KRRGZR24WG&gtm=2oe540&_p=1212790077&_z=ccd.tbB&cid=1052512619.1651745508&ul=en-us&sr=1600x1200&_s=1&sid=1651745508&sct=1&seg=0&dl=https%3A%2F%2F2plus2.ua%2F&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&es=1&e=gtm.init_consent&eid=1&tc=10&z=0

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 84ms
83ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&es=1&e=gtm.init&eid=2&tc=10&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 84ms
83ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&es=1&e=gtm.js&eid=3&tc=10&tr=1gct&ti=1gct&z=0

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 84ms
84ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&es=1&e=gtm.dom&eid=6&tc=10&z=0

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 84ms
83ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&e=gtm.init&eid=2&tc=10&tr=5ccdemoutboundclick.5ccdemdownload.5ccdemvideo.5ccdemsitesearch.5ccdemscroll.5ccdempageview.5ccdconversionmarking.5setproductsettings.5ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 450887889857312 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 205ms
162ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450887889857312?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: B5mPlxQM8xu3B0BpR2h7GePjtmF5snsSakKUUxDFtXjg53FMYmoqdELgoJVu9EZ6521hgS9U5Q0gExZBGxxywg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 05 May 2022 10:11:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651745508369
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1212790077&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1283444878&gjid=867247367&cid=1052512619.1651745508&tid=UA-3838466-26&_gid=1923654488.1651745508&_r=1&gtm=2wg540W2BBRKX&z=839178413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 122ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1212790077&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1104523792&gjid=1935533774&cid=1052512619.1651745508&tid=UA-113262294-1&_gid=1923654488.1651745508&_r=1&gtm=2wg540W2BBRKX&z=999485133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1651745508209/
Redirect Chain

https://gaua.hit.gemius.pl/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2...
https://gaua.hit.gemius.pl/__/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.u...

169 B
423 B

140ms
140ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=z.mLSBi3ad_iLLjZqynTDFbkrTMJGKb8WH5yrUIbhGX.37FKm49pxBfRBp66uG2tJv6FkRn8jrQlZYKAF_TSycamuar7/X1CAMYW3LnJ.X/&fpdata=eozQ9NxgOwiBLgZNui22nu4YhV2PhIwTV82G0RtOiZX.b7&vis=1&fpcap=
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 25bba93bc221f1d1e18034ceeb0dc0ecf488bb284e1252f0b6d0933c736f5607

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 04 May 2022 10:11:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1651745508209/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=z.mLSBi3ad_iLLjZqynTDFbkrTMJGKb8WH5yrUIbhGX.37FKm49pxBfRBp66uG2tJv6FkRn8jrQlZYKAF_TSycamuar7/X1CAMYW3LnJ.X/&fpdata=eozQ9NxgOwiBLgZNui22nu4YhV2PhIwTV82G0RtOiZX.b7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 04 May 2022 10:11:48 GMT

GET
H2 200 2plus2.html Show response
vid4.tsn.ua/adv/Adpartner/ Frame EA5D 1021 B
712 B 351ms
78ms Document
text/html 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=f0a4a360-811f-4989-97e0-bd45f31f7d96&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Ff0a4a360-811f-4989-97e0-bd45f31f7d96%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUxNzQ1NTA4LCJzaG93X2lkIjoiZjBhNGEzNjAtODExZi00OTg5LTk3ZTAtYmQ0NWYzMWY3ZDk2IiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImRmNDBlNTVkLWI4NmUtNDU5OS1iZWQ5LTcyZmRjNTMwYzEwNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3D1f3b31adf1d2d06084d1524903443ac8&bannerNum=3167945504004233
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10d2a6ea0bf55991c488f4da1a20347f2b8def032d90c361052f981cb1a66aed

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 05 May 2022 10:11:48 GMT
expires: Thu, 05 May 2022 10:16:48 GMT
last-modified: Fri, 08 Feb 2019 09:48:54 GMT
server: nginx
vary: Accept-Encoding
x-1p1-cdn: HIT; Thu, 05 May 2022 05:56:17 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 967F 0
139 B 59ms
58ms Document
image/gif 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522df40e55d-b86e-4599-bed9-72fdc530c105%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A382581%252C%2522rule_id%2522%253A24566%252C%2522show_id%2522%253A%2522f0a4a360-811f-4989-97e0-bd45f31f7d96%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f0a4a360-811f-4989-97e0-bd45f31f7d96%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Thu, 05 May 2022 10:11:48 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3 200 pubads_impl_2022042801.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 123ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127788
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 08:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 09:58:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
108 B 136ms
52ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Thu, 05 May 2022 10:11:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 115ms
35ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3838466-26&cid=1052512619.1651745508&jid=1283444878&gjid=867247367&_gid=1923654488.1651745508&_u=YADAAAAAAAAAAC~&z=477268423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 May 2022 10:11:48 GMT
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.34/ 53 KB
23 KB 329ms
107ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/al26fychxj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: br
etag: "1d85e80e187b254"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 8142 898 B
2 KB 96ms
96ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1651745508423
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: caa3f87a56e40740e19b8dd5c06a604a33307440286aeb16c49e435673b82264

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8142 124 KB
46 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccf3892e102a8b34779354aa891c86830fb3b0a1a6e147cb6480d0d6a5e0982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46667
x-xss-protection: 0
last-modified: Thu, 05 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8142 49 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6759
date: Thu, 05 May 2022 08:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 10:19:09 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 153ms
64ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1052512619.1651745508&jid=1283444878&_u=YADAAAAAAAAAAC~&z=1438563572

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 153ms
64ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1052512619.1651745508&jid=1283444878&_u=YADAAAAAAAAAAC~&z=1438563572

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 84ms
28ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: c2b41dcd7776686e96f5297b06b60ce188b7ce8ce7affb7c9e8838acc12c2808

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 00:02:21 GMT
server: nginx
etag: W/"6271c28d-116f"
content-type: application/json
access-control-allow-origin: https://2plus2.ua
expires: Sat, 07 May 2022 10:11:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
499 B 131ms
41ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST i
ads.adnuntius.delivery/ 0
0

POST c
prebid.a-mo.net/a/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST cdb
bidder.criteo.com/ 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 204ms
77ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=0173205c-b247-4248-bf4c-697697c6eda3%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=b34ec039-d684-425d-92e6-aa084e3837d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8963467478579827
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eb304e313491d5a4d77214f5ce10ebb33835bd94442f4de41e29133df61b00d4

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 10:11:48 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://2plus2.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
680 B 103ms
103ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: eb48a34a91d3fdd3665e2fb56217552b50f9f487542b09baaf3a8c14ebb894f3

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 376

POST /
ghb1.adtelligent.com/v2/auction/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 132ms
41ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://2plus2.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 74 B
375 B 208ms
140ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2plus2.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9f6b6db1-21e4-4181-bf8d-63488bd5deea%2Cb34ec039-d684-425d-92e6-aa084e3837d7%2C852a6b8d-a5f7-470f-b90b-e5192be5f913%2Cb98fa7c3-933d-40c7-af32-673e61b3ce0c&nocache=1651745508560&pubcid=0173205c-b247-4248-bf4c-697697c6eda3&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=2000x1300%7C300x250%7C300x600%7C1440x180&divids=div-gpt-ad-1563887551234-0%2Cad-slot-1%2Cad-slot-2%2Cgpt-85c4214a-c8cb-4b56-8424-c4f59b96f6d0&aucs=%2C%2C%2C&auid=541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: cc20836eb2d5394802aed9567ebeadedd3e71db838445c2c355d722c81cca043

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://2plus2.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
250 B 62ms
62ms XHR
application/json 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8047&sizes=1440x180&referer=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Thu, 05 May 2022 10:11:48 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2...
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2...

433 B
843 B

35ms
35ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0173205c-b247-4248-bf4c-697697c6eda3
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://2plus2.ua
expires: Thu, 05 May 2022 10:11:48 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 433
x-sid: AMS-745

Redirect headers

date: Thu, 05 May 2022 10:11:48 GMT
server: openresty
access-control-allow-origin: https://2plus2.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7640343603964466&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0173205c-b247-4248-bf4c-697697c6eda3
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-745

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 192ms
65ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Thu, 05 May 2022 10:11:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 302 B
527 B 194ms
102ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=648466&aid2=648467&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458818/hbw_release_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:47 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 223

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 121ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450887889857312&ev=PageView&dl=https%3A%2F%2F2plus2.ua%2F&rl=&if=false&ts=1651745508577&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651745508576.12946635&it=1651745508191&coo=false&rqm=GET

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 8142 108 KB
33 KB 155ms
155ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1651745508423
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:07:30 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EA5D 82 KB
28 KB 130ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vid4.tsn.ua
URL: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=f0a4a360-811f-4989-97e0-bd45f31f7d96&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Ff0a4a360-811f-4989-97e0-bd45f31f7d96%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUxNzQ1NTA4LCJzaG93X2lkIjoiZjBhNGEzNjAtODExZi00OTg5LTk3ZTAtYmQ0NWYzMWY3ZDk2IiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImRmNDBlNTVkLWI4NmUtNDU5OS1iZWQ5LTcyZmRjNTMwYzEwNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3D1f3b31adf1d2d06084d1524903443ac8&bannerNum=3167945504004233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db959e63207318d8bfe13549f2b88dfbe7367b2111092e5108c01a02b4f0abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28461
x-xss-protection: 0
server: sffe
etag: "1205 / 441 of 1000 / last-modified: 1651740213"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 356ms
116ms Image
text/plain 100.25.50.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1651745508744&eid=729902831c32f0b
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-50-170.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
31 KB 336ms
335ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1023514898314542&correlator=396986336227853&eid=31060439%2C31065714%2C31067239%2C31065401%2C31067412&output=ldjh&gdfp_req=1&vrg=2022042801&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2CBranding%2C2plus2_300x250%2C2plus2_300x600_2%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=2000x1300%2C300x250%2C300x600%2C1440x180&ifi=1&adks=3753537382%2C3937908213%2C3276604062%2C3097772190&didk=2018265100~952673874~952673875~1656999092&sfv=1-0-38&ecs=20220505&fsapi=false&prev_scp=Project_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651745508765&lmt=1651745508&dlt=1651745507330&idt=1133&biw=1600&bih=1200&adxs=-200%2C992%2C1015%2C-12245933&adys=50%2C645%2C1025%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2F2plus2.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=2000x-1%7C300x250%7C300x600%7C1600x-1&msz=2000x-1%7C300x0%7C300x0%7C0x-1&fws=516%2C4%2C4%2C644&ohw=1600%2C300%2C300%2C1600&ga_vid=1052512619.1651745508&ga_sid=1651745509&ga_hid=1212790077&ga_fc=true&btvi=0%7C0%7C0%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

2a883589d6ea7adecaa145a243b4b000ebed25dfa9409f1f9d194ca78e948655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32105
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,5983119755
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,138388036235
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://2plus2.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78A0 6 KB
4 KB 195ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:48 GMT
expires: Fri, 05 May 2023 10:11:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=df40e55d-b86e-4599-bed9-72fdc530c105

0
407 B

943ms
351ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=df40e55d-b86e-4599-bed9-72fdc530c105
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Server: VertaMedia 1.0
Etag: f1178cfb7bb0c4b0
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=df40e55d-b86e-4599-bed9-72fdc530c105
date: Thu, 05 May 2022 10:11:48 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 137ms
67ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 May 2022 10:11:48 GMT

GET
H3 200 pubads_impl_2022050301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EA5D 368 KB
125 KB 41ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127789
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 08:21:17 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 8142 56 KB
9 KB 79ms
79ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t297276219384
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:11:48 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 8142 925 B
607 B 136ms
50ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dfcc59345601436c5a52aea77795af215ca3cc868f16625e9831bb3436c46b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8142 5 KB
665 B 134ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t297276219384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:52:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 10:11:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 10:11:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame EA5D 107 B
792 B 166ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EA5D 107 B
165 B 50ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EA5D 30 KB
10 KB 176ms
175ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901673866264601&correlator=4418745043582565&eid=31067407&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2Ccontent_600x350&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=600x350%7C600x300&ifi=1&adks=3470641489&sfv=1-0-38&ecs=20220505&fsapi=false&eri=4&sc=1&cdm=vid4.tsn.ua&abxe=1&dt=1651745508911&lmt=1549619334&dlt=1651745508586&idt=303&biw=-12245933&bih=-12245933&isw=600&ish=354&adxs=0&adys=0&ucis=nqhnqygoo4qm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fvid4.tsn.ua%2Fadv%2FAdpartner%2F2plus2.html%3FadId%3D382581%26unitId%3D1412%26showId%3Df0a4a360-811f-4989-97e0-bd45f31f7d96%26link%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1412%252F382581%252Ff0a4a360-811f-4989-97e0-bd45f31f7d96%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUxNzQ1NTA4LCJzaG93X2lkIjoiZjBhNGEzNjAtODExZi00OTg5LTk3ZTAtYmQ0NWYzMWY3ZDk2IiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImRmNDBlNTVkLWI4NmUtNDU5OS1iZWQ5LTcyZmRjNTMwYzEwNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%253D%2526hash%253D1f3b31adf1d2d06084d1524903443ac8%26bannerNum%3D3167945504004233&ref=https%3A%2F%2F2plus2.ua%2F&top=https%3A%2F%2F2plus2.ua%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=600x354&msz=600x0&fws=256&ohw=0&ea=0&ga_vid=1220629520.1651745509&ga_sid=1651745509&ga_hid=1132845748&ga_fc=false&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

1131a012ce42c7d356b40916f290389f017f6c0e1c64fa7eec75b6988e9794f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vid4.tsn.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FDD 6 KB
3 KB 75ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:48 GMT
expires: Fri, 05 May 2023 10:11:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
65 B 323ms
323ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Thu, 05 May 2022 10:11:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 176ms
60ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 May 2022 10:11:49 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 8142 394 KB
146 KB 131ms
42ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70fc6297755708572b6259cc6e6da1bde39fcecf116ae7613812851387ede878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148993
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 17:53:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA5D 14 KB
11 KB 167ms
54ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f075430c55bc47cc660158d8052f54734e43db2d92056110140205c97d00da2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7524 0
18 B 83ms
39ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://2plus2.ua
Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://2plus2.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 container.html Show response
c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 720E 6 KB
3 KB 126ms
42ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:48 GMT
expires: Fri, 05 May 2023 10:11:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 111E 222 KB
62 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 111E 16 KB
6 KB 234ms
144ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 111E 96 KB
29 KB 236ms
146ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 111E 5 KB
2 KB 248ms
158ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 111E 42 KB
13 KB 248ms
159ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
DATA 200
OK truncated
/ Frame 111E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcf4613e913c4da2518bacd91be54f7217fb8df8ae60534a3cdc0e8d315275d8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15835154778501525604
s0.2mdn.net/simgad/ Frame 111E 121 KB
121 KB 163ms
47ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15835154778501525604

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de6dac2fc26f86b23539bc1375a7a1476b7e4710fa89c9d62e2dd91f870ed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:28:08 GMT
x-content-type-options: nosniff
age: 161021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123574
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 05:12:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 13:28:08 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 111E 42 B
762 B 149ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1gWBuOvYHXJYOydwavmKl4aeX-ddTYjLj-y00oBj2-5lIH8dT1n6GVIgY4AyYbo-JCY6_4YKJhuVaYdqifqAiry8mNJvUXwh__ynBGPawM2Fx8gZGbSiddIx5cb4uj_VL7eWF9W169IZ5OqmH9LMLJqU--g&dbm_d=AKAmf-A1wKgwrzpRBWenL8HuIhJdJsNbn7ZS97Sq00Z3byT5AGeA2uafd3DjWy7wmJHBP0TmiaDrudpcD5BFPGYpWtKEXLkssRj0bCIfRISUXXRUE4IF0KIWEIo7D8U26kX2OhNrDKnjfZV_oy6Xi-k8vKH-rQF9Pm9qEp8opu1StPEmCfk3K6LExpGpM1e1T6t9XqM3IdQ_85ed7ZVaNT9Gek6XYXLf6olTlm3U03_Ni9gnplH-hiHC6h1PDYLBlOEvzg655l3yv73rKgCSTvXeYIQVVL3OjGqZSb-2cGr_dnKLjfIWZ_lDVgibUI0A79vuURk0Eaa0lPoaaR8TVomCsteJygtVXvW3RaC7AEzBfmYwlfy0AQiat81P0ld4DdjSwGyU_XGua5H8IQwZbx4J-xCy7R5cbl1T28-1AgvVJf71cVSICcnu16KShYUQ51dzavS_dwAGdWG08NOplvR6eSD-ylM7rGFcw7L-xBTrzTnOc8_VPrn3aR5BN792ehM8fXMygoIfy3iCW28xOdQsDKd6HFEDVinhsNM8eWRQoueGEH64tuwsy9IYvklRx6NjPfJu3y3qhEiC9syvNJqhQ2CCwZESPgnA6S5lpu-M5hpoO3hPgr-6zDSDwt95n5rFMZnZsO9Grpo-yquEU8Z63WYZghpUu0QHJHCc800u5ra2UikH9YaEBaXNKXJPcqIAvym5CMCb3bvntALp_CV9wH_hOuqL8Gcxz193aTVsfSqQ8hir75S1xyKZ46PvOPZwu-TDLhoQYKsfYPfm-1vrod9lE-G1gVIDOQrGI3E9SGEqKQ24IPU-Tt80CjD9HS2QjPmzQXa6SBxuRJp3vWb6UNbQh--vsg_BK7uRGXHB772Bm0tcGyR-LaGyDDpRn5p3Q-FZVapYzkyQ0H4JdMAY_dr585X8RMch9ssAj3guVVjBX9YKrumb04TlKjNlrOR9p8nRdumQRi5Wt1mXmW5qoaSKY-nil2VfmOoBwzCMKhgdGZM2rpqmg9bbWLmGN5lCr2hVF3bJ2UuKRrcdbeYXKD5zfmoMPIRxuaX4iC01YbRzvbztcinaUGaLN4ATFPRUZrNqoclbS_pvF1L4L30aYZnsxANAPevson2T5QzQ-pCnfH1Vy_ZVMiwwBWegm9UzqmknY2JHx0RY4jfnrJN-MWbwWwGJqlux9VoCCLH7LWPDIPowiixeMXuBOV-NgguVf-W91nsSlxHZxZyCaniadidRl4ehYl2w6uaODEolgm3OqzvYm6BciqApel2aB6XkwcPMovwfdLpYHSfZ-OwBvFf4t8qWHhCuCvJelAQ28ILmWEbYID40nZb7-rp387RdhKYXxYekRddTcjfyvlKuvM0qmUt3GS8IQnFQLP6cdC68-BMdI7-rJQxeGjOMAuZkdSaMWtewP1khgTGymj41nHzboBK2lEYjJFz4sg6_QMweBih72f_4kfCafHd-U3HvrRe9g0rVofOk0i7yNxU_r_oWfaQEnb4B0dsETE_0q0ft7y0rF25yF_EM9mR6RULR6hOHwLEVMtdaaq1aJgGcro4I1YnX9caE2p3KDs0nTkUOevy99w5hvE30Ny4yJW8IvlDVgcLHxDnpLEb2529OFlA77PPkdfL_sKv4Q4mS7E-nY9CBXLrxS4CUGKTBn5N3v_5omZwW7P959exNzdwp8AJGYg9lOG4_QKCTMKvA3DH-B0oH1wna_V6qAUkqYO8ThAETTT4IBx6Oy6kj9tEFGI7UF68sWK0lhWCOh99YS257OtYUDTWcIJmc-AROEfNo2bUij8zMOJkEizXe6C5QAH7A5_mXaOlPTcKiV9WdJ3xopUESSPY3O2mcPdCvJKtzU2X9OyBAhXtRns-isy0DETmdNHOTtTUphahYBPOEcW0S1FzidFTTqnphXSBweEVIbk7I_15-qsaLfnjOXimlVF7A4_w_y7ajHu2BDYmNZW7n-tu-QJdoPP3ThOklgJraRPmifEKKHfN5IbZrGNguS_B9H4bxWdQZsWbjvMPVfK4H7Mge4MyjKr4pxoJ_VKHcC3D7WkPI79K8hALzW9Ctnd74HmnRAcL-6c1Oj100B9WXCaovUFrw0gBHKKLifb5HQw2Jv8s00of5VVhGD-6CEc8_98zzoBpN3AeXDC9XOP0YX2zPgCk4t2s4VIKOzVv0aL76fz-O19PyLZyH-ySff3ycNE8Xj7noDus9c2nvyQdfCIi-827elITXzTaTk_J9ttZDLG-qHgjcQNmGmhwF35TfQqTUZBWgsxD6IfIQifbs2OK0ovH0b1Bf686DexP5H8o15c89haa6dRZYY48JQv5M4UJG6F-pt3yasvOPzReX5C5Sss0PPm7MYHUnjNNYRnNZVjdr-D38Ttk-dy-UIdtt3_yvXPY5oC28bNMzwNmeR3lPgSiezP7bvs5d7JeV_uyXp26eIuz73jnLgFLc4EUZIHTDVXHKb0YgTETreKpTLmIW2ZcbfBI-_xRjyXmQ3DRMpSQEriV902-2T3UyYEL6df8enZdLUedSY5yxD3dKjDIyQ1oNOdZoQESTrTaNG1XpmefIw-dMa3nDuVSr9eGaQzk0Y46H3uKPVJKxY_kbTFPq2-wkF_3MoI2fKnLtdGiZLy4ax1GFyFQeHeVjeL6zk-xb0QfM_YCdDrBnBeNlQ5dArsekBm8qcYTDEP223v1n_JeaxMFW2I8k1EPYEeIyLvxrMJa6NjHx5Xj9j5XSdyp2k-cEtK0SRQu9MOcKcrw8mc-N5txdPMBrkRHxIG5zgALdmdUe-NiTOJHkWUh2ebvzesRUVZ0OwiKBnVUdcWPm-b57p2fovsP0UMMEEtA3kPBcAQz1aG34cWoZryv5BYplwzvRAY4GokcSlph-BEr39BCNsX3oJj5EcN_pRwB2SQIdpPyztfsEKSssBv3fp0RyXe85O-iwZgug1nj059WKpOrjrW8p0CUP32Utx0AcaGHYxeGGitZfOpeeKaW0j_EFDqcDjvK8-YeconIZWaTx4_1FJo1qopTf-_aUoRvdHVE9QGxO6fOroSp31Hn2gyvdMVCfW7d_U0mDtjZClGz_nnwTTA7Q_DMj7_6kC-14DczGYlsMRpGp2L_Ol7zYRTvkoUwGb8EuBbfkEQnk_W-krE5ImVolcs1rwEC7EB8FX7fvRBhMMIKwbGpbKWITvtUnenC5QPGu6FN5a_dvffYD-iMG8B1hTpQ_EW_5Y4ESHwQMHXZYy5LRCdaIiwJYV26zl1NDvMk1hyOAU3O-IqWy1dkFtTHaFWJLqlAT9mDgo7zpCT_FFDfM7kT5C3efXgOZL9shls14E7gl2aO_CXJBSaZ_KlOFk2u4rQcOLFJiz6zdLH5eCSRu0eLTPp6xj9ERRKIZPx6tgAafD8N1Sz1Mwj8SG6HfxRNKWtEpXtAqurREeVl2N2BYe_D-Qj3xudBkrWx6Puu1zgRSw4S6xL3tLqQ2Bebkh5qVHEJSGiJDtADbayxCwczUEmY2orii9z4VMYDXrISj9WbieCUbLGRpbmt-LWWi2ulLw8ib-OL8n27HcPvtSUdYqSHvU2wS9cKcwpY&cid=CAASJ-RotsfetUvNVJTgwbIljXHdJuoBL9D5ehc3NyJyXo4uSA8yREdCgA

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 111E 0
0 80ms
79ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVJEs5KJzYoSYM8uqx_AP8Pa-yArwia-OZ96ugp_2DvAuEAEg_f-FI2C7hoCA0ArIAQaoAwGqBPoBT9BlXyWNh0jioi5LRzzlF9q8QZSZkLlBViy4N_uO5BYfUA1urCkOmE3MggpPr8IVy4y5ppK-jDUrFYX23vG7A97lmFFj9PqFyMUKvaqpaKrPJcgvgAIiLXJgyyntFxvpPK72qd0s__iLnmd01eEyT3ORvBfulSpbyZw4KfKA3JDYzEh3x_LYlb6gh43BmLLEVJS5aKqZP57Z-5O7mRyb0XwOAEHdmJi816NwK_obH8nwZYrt4c5lpF_2s5vYhT06kprrk9GWPR-LMG3olUjTBcTpi1vDwOvTvPASlyGsQA34EFlwT8dxMGsqr9QJQJGeV5XYgPe8lqN8F8AEwaHnqPID4AQDiAXT9p3xOZIFBAgDGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB6HLyoUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQoL8BGNKBy70B0ggJCIjhgBAQARgdgAoDyAsBsBPantQNyBPKo-zeA9ATANgTEIgUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=1mIBHaurw4w&uach_m=[UACH]&cid=CAQSPgCNIrLMsGiD4U9vS-csy1ojk1VsM-LGv_NG93CymQtVqHk5Ws4uTBPIJwMV0I-a8NAm51BrdL9l1RCVkqJi&template_id=509&vt=10
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 111E 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtQJllc883iY88FVFDBGIkkhBmIkqT1RBADOl1DcLl2Kp-bRps304Wy0JFs9hiSZJqDPNdrSAdwduWm_3ivA2fVxggVQ
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 111E 3 KB
3 KB 194ms
88ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 9720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 06 May 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 111E 344 B
449 B 200ms
94ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 61964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 05 May 2022 16:59:05 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame EA7B 222 KB
61 KB 160ms
85ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EA7B 16 KB
6 KB 154ms
154ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EA7B 96 KB
29 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EA7B 5 KB
2 KB 164ms
163ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EA7B 42 KB
13 KB 164ms
164ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 09:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 09:46:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA7B 6 KB
669 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 10:02:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 10:11:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA7B 4 KB
618 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:52:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 10:11:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H2 200 15835154778501525604
s0.2mdn.net/simgad/ Frame EA7B 121 KB
121 KB 199ms
93ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15835154778501525604

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de6dac2fc26f86b23539bc1375a7a1476b7e4710fa89c9d62e2dd91f870ed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:28:08 GMT
x-content-type-options: nosniff
age: 161021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123574
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 05:12:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 13:28:08 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA7B 3 KB
3 KB 187ms
91ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 9720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 06 May 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA7B 344 B
402 B 171ms
95ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 61964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 05 May 2022 16:59:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6F4 0
0 76ms
76ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKcaLsUSXkfy0phpshsYN81ZmFQ4NjetyEQOq-cc0CgLgzTNqOglB39anZuNn9sn_HAJOYoErrfuseDmVzNdZi827rqLHx8R-iQDQKa6B14kUHIFZcHivOiOgQK4_hjLRBy5u1YI13YoFd1bLurf_GB_OH25f0KCXofcSz-c39jK_catr9Sm3oLP3jhEgsFFxbopd9j6kloTbZSw-jW-cCN0e0uHikYGH0HZV3nd8Uc59dT5DOWykOVvP-kJt2nhgVCyIjtpWROdI2nnlCtLRrqAgkBi05JUyh7hPz07SnSqzLr6Et8m0_kMBbXMBNT369jxFKUwunGA&sai=AMfl-YSbEx9kyMPJCCB5j38-y8tVc8gHiHyiRiXXtwWA6cCnN8p9XOupcrzBn5IcihMW61fv_N49minzPsG_aXZ3_h_h3HXJs77zcREpy7vSEpKYPXYbECk3IDo_h7lzBxQ&sig=Cg0ArKJSzPLzF333IYurEAE&uach_m=[UACH]&adurl=

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame D6F4 3 KB
2 KB 116ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 10:10:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6F4 120 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D6F4 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXLkOz31o03GY1VemGzbx1ILPLGloOWybhbT3QHeYR_2v_oeHingxpcYsQg2qAjUfVlpKWX0G-eC_zNFim9CMuY3IWaQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 8469205965052367727
tpc.googlesyndication.com/simgad/ Frame D6F4 32 KB
33 KB 117ms
40ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8469205965052367727

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a7239809c6cfc3947c71e51994028cfa0c2e677e9b145f5268ceeeee44058a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:25:03 GMT
x-content-type-options: nosniff
age: 244006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33228
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:37:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 May 2023 14:25:03 GMT

GET
H2 200 13913269592427657433
s0.2mdn.net/simgad/ Frame EA7B 6 KB
7 KB 129ms
43ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13913269592427657433

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09dc81d8f75325db9496418bc7ace8f7cbe3a58486ae220e7a3477f0d3a46a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 13:43:35 GMT
x-content-type-options: nosniff
age: 73694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6418
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 21:28:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 May 2023 13:43:35 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame EA7B 42 B
107 B 66ms
66ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiB5WRO-oYWd3AyhIHAZ1NKwypPL677f4VJkNH-b6deo9y6eP4fexM_YrJLkVdlBQWeQa0fdfhHg7yagjDiQvkfi6rHchqJCznKJbuJId98FKo5n1HqKjptthvIrjYhw-Rw8RWIFXqdgyTT4QS_MzO_vSfSA&dbm_d=AKAmf-C1p14hx8Po0jjsh1cXgOxu8hZsg_hQIQBZE_I75VxhFT4394ixgWRRhxyj0XuKNsRFni8AuM1kypRgEU2CriBFQyjdFqTYtqQ_YBDoylcHa17AaVe4wPFaeuBT6T9V3n1lL_FHY7Bw3KoXr8J9KCDUdoLOGedxKRlvQbpu2xHEfTnLYHS5F41zzn2Tre9CkuzSbwSFv4w6BmWTW-PLhISkkYbz9vKpxHaNEACJ3EN0tlL7ZurldFtmqNf_weIsKRQRO3aWuQiZa84ow0-hnJpjZhMP8rOrwWh68VNyYa5LW-7pYvpevYqF_gWx1D-OaaMPIgh2lB_Tq6lwVJP5sUC1qs1RK-2KMElKlDlm07OxwjUsR9nqfj_y5L_SFZDSq5OI9ExxbZKah-a0fpMQLo1mkJcU4xJAvg8neFznt7m0b6lrI-L50QgUpslI_rAIhdJDj2epPYb_5uT-ih_xyr7ickIt1tZaAY0LM6Tb4NQGWupdXAnf1xrtqp23uQnNYN5h0G2lojiGbadtDm8W5RVmEh6q78RXdtLXHf5uTyAMJQNHV4xq7bUGX3YfUq_GcLpDhaFOBN9huWfa5-zHAz0vMWR86SJXWh1qAFuXdnyQ1XolAD9bZGFL_gKeDBN-OB3hhQ_VIJZjQ1oBa_fTs9k_jyMPXhOUC81g3s97E_97EpyBEgnBb_1VFyp6eM1heVG-X6MXvny37MqYNWW2BofNQOjBorAMQD429_bXXCCLjxdd70hs--OVzgCfR6XQwmF-i_FicKsf91PCZ7TXESe2MkY4zE_s3lfrISGEbx3a0gy8hFrh43afNrlmRtR6B6C7weRP6ZJeaJQLLOoQiCKs7XnszFX7cuCdHNHuEmUjZkHl3v9X111EaWkbyWmCwMD7S3OWwphYwUnVu8YHZopIY-CZWDR9OSoPXFesLktLpsBAE8sjGeC9LA8xz1uzEK3UCwyL-iRU5y1BjD3FFtdVDXf16EXXnwrEzi6teSin_sJ2CHXskG7l4WXYKVed6QnP-eAJiI3QBbFWhEGofqZhoS4mAB512GSLLx7NiZJGpTsMj36hwOwytlA5S_RAcr9pRR7DckGMQGJkaFNMqH2203yY_m_B4e4YTBPJidjQvan_aBafp85d_-v3ZfmcVdipYC_fCYjZYSat5HjktBgBrYjA7eB3PN_fWj2dWELZcMMyRjgZqF9gvHfByQ02yDKE_miDGkb41f9rqtsyDSrayPBfhdGwtfd9ij-SktklfCCipYmox3kKbj84gu-eatQ8ex2lZ2549p6zd4kWN0QHeuBIvyLjrctsOkNyCR3E8VuxMoPnGnXqlyttb1mmkLZeZZ_7GC8qh-GWqr7JWpPT2L2ZFjDi77Da6C5JK4aa_6CDliqFxVZCQVk92F1b9YSVTUeyx373RSvj9yMD5UUivBzupJhZqFLsAnvyC_Sj08CjYQ7SFRB3J43UsufSqMD2-eFJgAajWEdNncaqRJPpT0wUWob2FqRM7szWLHPm0UFCXPMxfufUKWeUbdUNOIzfiTWT3tTBGiYf2l5Y5gtat3lWFpXmcNpwIj66i1WPGD_k0lV_NbnsSwte57wXcv7gaZilhqIH_g8GMjhBFLS8l6hCPxy7ODs9cGretH2NOGguyPoqJC9NuZk7ShVPDTbTgOUEVtU-Og2wvm8V-7VSOgB_PayX-MEl9MrXkfZdZufGOQmWEArxA60yjmsdeDROHI7M_UTU5yaEhoStM6ktSlFJGvKFUiS8h921c5zeHMrLL0FZeJFhRajG5VGdSOABmFbe2Q95eszV_3SZKvY-3jzQrFWzo_KV2hEnWwESuyJV-y3cCjgnH4COLM8yoYPSfTd5xa2i4hKMy5-ABGulrR2JDa7hA-hYfC6TT9rmL_H8Ox--mGMXVaMO8kPlerc2cpLyiBiWEWTd2mbcGNGoUF2N0udFCVp8y1kZAGTjJ9MZFt1br0wTyr55SK-kl536rlQDykiQmf6N6JtxXVNb0Jwmau3-fveOgTPe-GqL-ebm1cPM2Q21Uf0WcHWvWx2vCjjYIr6ycqhDQAZOEAjJNUfgPjZMJ7psp6qTsXmjtDxy0ObfyXVhUvfmDdN3yBxSrQnI5LFr_pxq2zLu_e12eLykL7XZjHMbm_xTl3brvZCo55yWLD1hRJ47VCKUWr3LkcDOA6UuPrdoAbq5wvEs2FD8APOWJLroRINCtnEpf_LomCtAdxzPVBPYr8xD6hGi3vqj2t8cUuBaiz2EsbfpCUcQPqmIHEvH6H3rpXqpkotC3HAcF8wpRXhBWQCmE5IOpy9W3r8pjQlccVZL7OX_SWchHjN72T7H_tyr7eJkXImj8T0ARhV_xU3FySK8bj4Y07SD0JkVwr9uyw_DT7WNgwxMPO2xEDRN9UA_Bu5S8MHU9T3Fa6Cwn2XWfYSymXoc452g0ceCZxtRMTn7SUf-igrSiMUCZBm4JdCGlS1aIwYe3f9Sug1hgvrEoGxLaph2DGlHB8t1Y7bDbSCyCdATnWA05NKoF6g09lo_S2eFEKvKaKuUYASq5Q9K6JTChAqXp_4p-6rOZgiMuCrJ3fIEznKq8JXabOKd4mHiMqeDuOZhatQOmPDOfqUKf_olR3VamnRuineuW1J8hSTPqdmWQvMbYp6KP7Rf02BuEnzDLarNFp7mUFzWHbr79n17j0P2qo6V1-lra1_G6YQ8RLflnVd4rpNCjrJ6Rn8MednbtZkqOuYA_yfLlbR9bdfWyV0_vLsMQfumAUTORyyBzJtEfRj1HHHT8zFeSjngptQYA1t3Am5QJSiRwEIWfKcfysX68gNGIFOxdF7Ua-0A06bawcgFMBsWOyWYXK7Nk0oXZRB2VuoSjkNMYmf81BbDQOLHgqaYYAuDABceU2e1ajlpw0h0OVV9NKHYKuZtbVKWlOAMGPguXn_mjBR2H1tN7uKJiaDPuDTNpYKukf3DaotvTLAsSMtIrfiJeWSl_Ss06IdWpFYyehz9h8OXZWmR1vZEPvT5BJU-t9LSa-Cv8i3zIW_pDhOALJY9rseuPO9cKMiE_6UH7KErFLMuX7bK-Ca40svOP3RVSH4SdLRw24URCrphih48frH5z0T7bLm7jUBgOSOAUmS8c_sNvdlVu-JkGjumWnhAoD7hNDzje0JWLhZmBxKZ0QWgEaPseyxTsVZOjLtVmuRWvcMyBt1taXDxuEzO65IUkv7XLesout_Xecj10q6VRaBPNFPlqH2kQ-3YE0-TFSU0CHxnwyJxYwr87PV8I_YwAmNhFUlgRBKf0QCCfpXRxntKoqEPJjFftkv2C5JDnnnEXvxSWzrdvQHSShBgVg1SM5GpEE9y-HFpsHTQSz7lHUJzt4kkjGCsYP-lzTnCSv9h161_U_EHqzD0b8ws6ValaUXAWk_QoWlVjfDuf6LqiH-nGoB891uhaVf8iL_eezASzNPXSsptpwIoSaW6KMq6kI4LO9YexLf3FOEjva9dDAAEaFQ-HDTdcUk6n_tXNNIlcao3DFdeUCNzSkKKtLmp8RXJlRlV-PCe0b3Uj5n7jpBJNmnMc5q5Jt4GyK0&cid=CAASJ-Ro4bOLo_7aIZw2HWggzFFkisk6cHY9agIMbXhxAHH8ZMfbWvwKmw

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA7B 0
0 78ms
78ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdmPK5KJzYoWYM8uqx_AP8Pa-yArwia-OZ96ugp_2DvAuEAEg_f-FI2C7hoCA0ArIAQaoAwGqBPcBT9CET5aLrlDcFYBkXw7RvlKZIbSm5CjoYg1gh6Aq4_7ummgFbnHnkUC_byuxzZMnbkNAAdmDBQTeoIkU7kBTJyTGVcKl8s5MrUzKJzuT76YFbkBjMdx2RgY1uysHeqO3azJlz0OLPsGsSjLVqEp81b2PiZUv4xEgSTtkZv182BEHVd-lCpnszh28bEysDMAUBuP8wXu-falbbkFXvG4kpKOo1r4pr8ybr-iosWBNpB3Fokr4Y4aqn2zSic2gadF4rVEYDv_1BJQm3YGeD32Scqe0-VXe-h5QAVN8gtw1x1OvVaxYmbLHzw5tdPF96cEcfv5qgeP9QsAEwaHnqPID4AQDiAXT9p3xOZIFBAgDGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB6HLyoUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ8ZIBGNKBy70B0ggJCIjhgBAQARgdgAoDyAsBsBPantQNyBPKo-zeA9ATANgTEIgUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=m0VbbvlqtOE&uach_m=[UACH]&cid=CAQSPgCNIrLMsGiD4U9vS-csy1ojk1VsM-LGv_NG93CymQtVqHk5Ws4uTBPIJwMV0I-a8NAm51BrdL9l1RCVkqJi&template_id=509&vt=10
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame EA7B 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3is1L4mjXFw6vRZwRdJrTpj0S7ls0H84uRFrJDMZ1dHkgWZnivceIIrXzY6bkpqW5gXInOMZYHqFBo5D63AryRf0_Iw
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EA7B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dab4780998aad7a03561182c6b44eab31e6c5c862385789768f90aaf6ca341a5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EA7B 9 KB
9 KB 124ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 07:29:47 GMT
x-content-type-options: nosniff
age: 528122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Apr 2023 07:29:47 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EA7B 16 KB
16 KB 119ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 158988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 14:02:01 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EA7B 15 KB
15 KB 130ms
50ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 548728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 01:46:21 GMT

GET
DATA 200
OK truncated
/ Frame D6F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edeb614d625875ae12208e175cbc8fa1be018781b9ea9a7938263fd843246556

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA5D 17 KB
7 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1212790077&t=event&ni=1&_s=2&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1790146&_u=aDDAAEABAAAAAC~&jid=&gjid=&cid=1052512619.1651745508&tid=UA-3838466-26&_gid=1923654488.1651745508&gtm=2wg540W2BBRKX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fal26fychxj%2Fnj83nb%2F1790146&z=1549836285

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 20:03:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50925
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA10 0
0 83ms
82ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmTcp5KJzYrGFO4j23gPYgoPwAeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzOgAb3UiOsDyAEJqQLNib5C9g-1PuACAKgDAaoEjwJP0J1nVHtawaqAkohawa_SKhIH0e_MS8_cwGhGefeEGQ635D_fEM9Y-AV9w9PBJFVwwkGBrPryPJTUCfk1_aKXibBIwPr3dNUyUOus3kro3g3Z5PSOItkZ-NkUqzGWdBTSek1sUFyFfPDgP5TYMBHGG3vQtoMsQx66ns4IYXiR0koXTNKzjCdxm2GYttEUPsyIKYy77zrGnWclxY1voS3odcf19UYbJERvrVvG6WoXqbAgz_9ERPs8L4WnPux2kR3BCfYTzunnt_6Fwr13JoXL3P3LLJoAUyqlHMvSzpH4KNFPfq4RneCBnCQbjex-LNl_Ea97tAoP7voIENn38rKmy6wfMg34mHGn-hQ5LJPA4AQBgAbcyIyRkuuory-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=Nh1JNP-WcCQ&uach_m=[UACH]&cid=CAQSGwCNIrLMLi_nkd3q1JgidgHPDoipLbj3QLEgDRgB
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame BA10 0
0 194ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kqSYEZ2-E-ADwAKH-lcYAgAAAGGIjMX1iysr8BYCLRDkonNiNGLsLGDT0aHiOgEAEgAA&wp=YnOi5AAOwrEKd7sIAADBWG7TAIWxHuIwK_h6VQ

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 236745
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 56C4 45 KB
18 KB 186ms
57ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnOi5AAOwrEKd7sIAADBWG7TAIWxHuIwK_h6VQ&u=%7CDHHM39QCX%2BvhCIdtqKzOFJCStUqfH0fV309Szxe5SJc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9dFO_bYoBKF4-3YiKKfdu8V59K61oVU1gE1IpgBQzECWALFzzeKo8eJoBDM-b78G3zHj9AQ3l5brjxSUF1tTTNP7hdRjCSD_JFg-_q-kRGj531-yVzHwIflACkjXUrUH4LxuUla_t9Sv0jJLpRR9wHaUfrqOw-qsX7Y2W6USDZShloyIhjvCtj1IGy2wbBMpH-FQiDEvIzOeTL3jdV5dTaD7J371XJZOELua6ki-IvfoZ8uNnD9jeNwTt5UzsYEjMA2wtWIvYBa0js87rRjW3yTSrhMLXOLrSvlDmtHhiDfCFIkfk72ZHSvTPLNEHnCvXJLBtHqjZdCxKF5r8MD1lJ4dWHnzu-Zxfwpmw9q7cInm8YYOREINSZAZINeZNMRwkMX3ULrxgLxdCwWSOqWgX-f5EACPp8X8z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7tr_5KJzYrGFO4j23gPYgoPwAeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzOgAb3UiOsDyAEJqQLNib5C9g-1PuACAKgDAaoEkgJP0J1nVHtawaqAkohawa_SKhIH0e_MS8_cwGhGefeEGQ635D_fEM9Y-AV9w9PBJFVwwkGBrPryPJTUCfk1_aKXibBIwPr3dNUyUOus3kro3g3Z5PSOItkZ-NkUqzGWdBTSek1sUFyFfPDgP5TYMBHGG3vQtoMsQx66ns4IYXiR0koXTNKzjCdxm2GYttEUPsyIKYy77zrGnWclxY1voS3odcf19UYbJERvrVvG6WoXqbAgz_9ERPs8L4WnPux2kR3BCfYTzunnt_6Fwr13JoXL3P3LLJoAUyqlHMvSzpH4KNFPfq4RneCBnGYZrH6tjit6gl10LIlrclELBNNL-Jy-ECKEVpFZJ2-L4sW-xpZTVMVB4AQBgAbcyIyRkuuory-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wiJPV1efBfZqYUOoZgzvJnt28mw%26client%3Dca-pub-9138247653754533%26adurl%3D

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4db0db1b0ec61d70f51453277619507174ed6a80abaf674f823ea98afe7ccc76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=G-C8YChfackCs-EsHpfujjbVzFbdPXAUNYxJcwJYu3Rx1TpJdLUfRLpw_SRZlrVHyN0R30eZPgs8F5N56izQ226pUvXTu8er-SyQ1Few4hfV1Kag9z3h1H5r_Pih9pE3_KWl49qzeo65pBKuFpylmtwkjHz21bVWgTQzXSRIMMHk9dwT4GDayZe-MzFd_E--swXONIINSltFyHfcZaWGCsVlkGsqZACqjJpdaNepNTgkiiy-BbMU9jS9HUxOek1FvocKeA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3170059
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame BA10 3 KB
1 KB 139ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 10:10:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA10 120 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame BA10 15 KB
6 KB 126ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 10:09:58 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BA10 22 KB
7 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 10:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 May 2023 10:18:05 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 8142 153 KB
53 KB 78ms
78ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 13:06:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:11:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6F4 0
0 77ms
76ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmWqkn8TmQG0Hgx-3eer51xt30s3f82DxMBj1MYbVZqmMXEvD1MXHqwDttsaIZKgp_nqEkyLjEjSd9a6ZQkgCQ1snxVpTpjuTEFNfSvrvib0Lo57as3KpoRKk2pHiw1_6I7wCxQnZ2IlVLN0uCeKW0pa14YDVEXarUOmj1marssdhJBrAMqfSDAfKYJrL4GgTlKtZAjHYFkarKfFFCYBO2xQr1iNIiGfQv9YkKzIDGsPCF6TSdGxtwfzx2E2x1_8DU6rlNK-w35wQDbOc2qu2PxfMHSEAj7mi9UfloLrH8Scm6V_jMO6Bk-RBzCw&sai=AMfl-YSKYRDjlXHCNkDjCtiY3J9nUDw2R3sp5U8rGRw5snFWAWlbk6s43a1ZwXtuKAd1RBU1KAhgtumaX9RDf3I21TrSIIAuEM5IFFAzbE40HfJNPjIRmXpWQo3jh9AieTc&sig=Cg0ArKJSzI_0P3JkObTBEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF10 13 KB
5 KB 78ms
45ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:10:24 GMT
expires: Fri, 05 May 2023 10:10:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 608D 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4c79b989a211b44504ad668ce4735034f136a4844cf4e218def8abed6e3f52d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zpTwAvCyshEvtN3RhYp6yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zpTwAvCyshEvtN3RhYp6yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 05 May 2022 10:11:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 111E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

372ms
199ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 15835154778501525604
s0.2mdn.net/simgad/ Frame 111E 121 KB
121 KB 124ms
41ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15835154778501525604

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de6dac2fc26f86b23539bc1375a7a1476b7e4710fa89c9d62e2dd91f870ed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:28:08 GMT
x-content-type-options: nosniff
age: 161021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123574
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 05:12:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 13:28:08 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EA7B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

215ms
110ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 May 2022 10:11:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 15835154778501525604
s0.2mdn.net/simgad/ Frame EA7B 121 KB
121 KB 95ms
43ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15835154778501525604

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de6dac2fc26f86b23539bc1375a7a1476b7e4710fa89c9d62e2dd91f870ed93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:28:08 GMT
x-content-type-options: nosniff
age: 161021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123574
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 05:12:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 13:28:08 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ Frame 8142 512 KB
512 KB 102ms
102ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
DATA 200
OK truncated
/ Frame 8142 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 8142 24 KB
24 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 127452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:47:37 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 8142 44 KB
44 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 127602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:07 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 8142 22 KB
6 KB 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Thu, 05 May 2022 22:11:49 GMT

GET
DATA 200
OK truncated
/ Frame BA10 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7474ecc7d60f03269d15b705fbb693e21b99cf3e49cfe205851a2a8e78ced8f3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4844 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 8142 5 KB
2 KB 99ms
99ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/4844?cid=12XPPTDu&vct=3&_t869136442377
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f92fcd99c137555750ef914dff1bf0f52073044fc89d95f304771eaf02d33b9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 10:11:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 56C4 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnOi5AAOwrEKd7sIAADBWG7TAIWxHuIwK_h6VQ&u=%7CDHHM39QCX%2BvhCIdtqKzOFJCStUqfH0fV309Szxe5SJc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9dFO_bYoBKF4-3YiKKfdu8V59K61oVU1gE1IpgBQzECWALFzzeKo8eJoBDM-b78G3zHj9AQ3l5brjxSUF1tTTNP7hdRjCSD_JFg-_q-kRGj531-yVzHwIflACkjXUrUH4LxuUla_t9Sv0jJLpRR9wHaUfrqOw-qsX7Y2W6USDZShloyIhjvCtj1IGy2wbBMpH-FQiDEvIzOeTL3jdV5dTaD7J371XJZOELua6ki-IvfoZ8uNnD9jeNwTt5UzsYEjMA2wtWIvYBa0js87rRjW3yTSrhMLXOLrSvlDmtHhiDfCFIkfk72ZHSvTPLNEHnCvXJLBtHqjZdCxKF5r8MD1lJ4dWHnzu-Zxfwpmw9q7cInm8YYOREINSZAZINeZNMRwkMX3ULrxgLxdCwWSOqWgX-f5EACPp8X8z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7tr_5KJzYrGFO4j23gPYgoPwAeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzOgAb3UiOsDyAEJqQLNib5C9g-1PuACAKgDAaoEkgJP0J1nVHtawaqAkohawa_SKhIH0e_MS8_cwGhGefeEGQ635D_fEM9Y-AV9w9PBJFVwwkGBrPryPJTUCfk1_aKXibBIwPr3dNUyUOus3kro3g3Z5PSOItkZ-NkUqzGWdBTSek1sUFyFfPDgP5TYMBHGG3vQtoMsQx66ns4IYXiR0koXTNKzjCdxm2GYttEUPsyIKYy77zrGnWclxY1voS3odcf19UYbJERvrVvG6WoXqbAgz_9ERPs8L4WnPux2kR3BCfYTzunnt_6Fwr13JoXL3P3LLJoAUyqlHMvSzpH4KNFPfq4RneCBnGYZrH6tjit6gl10LIlrclELBNNL-Jy-ECKEVpFZJ2-L4sW-xpZTVMVB4AQBgAbcyIyRkuuory-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wiJPV1efBfZqYUOoZgzvJnt28mw%26client%3Dca-pub-9138247653754533%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 56C4 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 56C4 308 B
636 B 33ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 56C4 507 B
835 B 91ms
91ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 56C4 43 B
348 B 361ms
38ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7BzgZj07cdzY3pSDbvgHk_nsgNQy1Kdes6IDBrAaVQ_TSr2LYoqp0lk_vXmijDAlZsXCmhoD61U_5vkSVoP53oq45ZfF986MWp8G_7ZIL0nPmYvSr5XAsgYISbWuJrHym-84Wyz7K18vJI9QLyh2GwBaabhMuAQvpnCxBfcQMQrIkSPjRHYhOrElgGvQ6qF4DQz6EWnyfV96XusOayzLEJDmlvdCOwZ2FylNuPzKZ4tHSO1Mgji_WyTBcI2bbDcl5e-8iumu9zo3lsUcfIMFIlF1c4gXGs7D6ofCVth0ogVH3cHwX_S6w7GDYhzVVuU1VAVN9niLdNs8syVjANWHlBeiz4Awq_RO_n5MTM3Hq45Lx_ptpkV2Yh9jkwMxvTm8rhv7a4RPtArdANegqMVi95D55sIWt7CUCdKUWvomDk-Av8eMztiXwZpP2tPawnSDupDrUw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3539449
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 760e9d2c37004fcb868cd7526a2355b7_image_ad_480x320.jpeg
static.criteo.net/design/dt/3547/220503/ Frame 56C4 99 KB
99 KB 39ms
38ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3547/220503/760e9d2c37004fcb868cd7526a2355b7_image_ad_480x320.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed9485b6127bcfe9b62b355abca05225978a6d01a05c25b4711f7e1e33e54102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Tue, 03 May 2022 12:14:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62711ca8-18b71"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 101233
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 608D 0
0 187ms
106ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050301&jk=1901673866264601&rc=
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 56C4 0
128 B 119ms
35ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=G-C8YChfackCs-EsHpfujjbVzFbdPXAUNYxJcwJYu3Rx1TpJdLUfRLpw_SRZlrVHyN0R30eZPgs8F5N56izQ226pUvXTu8er-SyQ1Few4hfV1Kag9z3h1H5r_Pih9pE3_KWl49qzeo65pBKuFpylmtwkjHz21bVWgTQzXSRIMMHk9dwT4GDayZe-MzFd_E--swXONIINSltFyHfcZaWGCsVlkGsqZACqjJpdaNepNTgkiiy-BbMU9jS9HUxOek1FvocKeA&sds=2&rev=81391&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 May 2022 10:11:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 56C4 2 KB
1 KB 62ms
61ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 56C4 2 KB
1 KB 61ms
61ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Apr 2023 10:11:49 GMT

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame DF10 35 KB
13 KB 82ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 09:58:51 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 8142 41 KB
11 KB 66ms
65ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11182
expires: Thu, 05 May 2022 22:11:49 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 8142 33 KB
13 KB 112ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:11:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 04 Jun 2022 10:08:33 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8142 377 KB
126 KB 165ms
52ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128643
x-xss-protection: 0
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ Frame 8142 86 KB
87 KB 227ms
226ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ Frame 8142 59 KB
60 KB 222ms
221ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ Frame 8142 32 KB
32 KB 221ms
221ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/10772/ Frame 8142 14 KB
14 KB 221ms
220ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/10772/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:02:21 GMT
server: nginx
etag: "26ad09546b4e87969d932db4f3ddc063"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13879
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41551/ Frame 8142 9 KB
9 KB 220ms
219ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41551/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:17:24 GMT
server: nginx
etag: "c6748e2cfd7e4055f74da8f1ff19ffa4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8833
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/48/ Frame 8142 12 KB
12 KB 218ms
217ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/48/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 06:54:58 GMT
server: nginx
etag: "2fc219c3f164ac38c04373b9337a23ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11853
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
images.1plus1.video/playlist-1/7441/ Frame 8142 43 KB
43 KB 270ms
268ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7441/59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 26 Aug 2020 15:55:10 GMT
server: nginx
etag: "2a81b5e2906718ff87f0cab7caa5818e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 44174
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
images.1plus1.video/playlist-1/103957/ Frame 8142 74 KB
74 KB 267ms
265ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/103957/55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 03 Feb 2021 13:04:39 GMT
server: nginx
etag: "f6b24d693a392d33eccdd561badd41d4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 75576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 6377a284bdacb578df4878bc8331958f.220x330.jpg
images.1plus1.video/playlist-1/7444/ Frame 8142 42 KB
43 KB 221ms
218ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7444/6377a284bdacb578df4878bc8331958f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 26 Aug 2020 15:52:34 GMT
server: nginx
etag: "ffb806c41dc466bdf688de555519a6ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43433
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
images.1plus1.video/playlist-1/659/ Frame 8142 37 KB
38 KB 220ms
217ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/659/12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 26 Jun 2020 10:56:32 GMT
server: nginx
etag: "e245ad3d562db3f3947df4042e215baa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38340
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
images.1plus1.video/playlist-1/126226/ Frame 8142 47 KB
47 KB 283ms
280ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/126226/56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Tue, 09 Mar 2021 11:43:06 GMT
server: nginx
etag: "63d497ab8c8f34bcf71c318a6f3101bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 48068
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/46079/ Frame 8142 16 KB
17 KB 283ms
280ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46079/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:19:12 GMT
server: nginx
etag: "49f87d8676cf58992125d43f8dfe90bd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16618
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
images.1plus1.video/playlist-1/7442/ Frame 8142 53 KB
53 KB 269ms
267ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7442/c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 23 Oct 2019 08:24:22 GMT
server: nginx
etag: "05c80966c5cb92f8fc27ec548a7ea448"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 54238
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 228b454045e09c310f5527498a6a5ce1.220x330.jpg
images.1plus1.video/playlist-1/120214/ Frame 8142 81 KB
82 KB 344ms
342ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/120214/228b454045e09c310f5527498a6a5ce1.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Mon, 08 Nov 2021 14:27:00 GMT
server: nginx
etag: "71bf4a961435d1e5ba11acad363e4916"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 83351
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/9960/ Frame 8142 14 KB
14 KB 270ms
269ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/9960/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:02:02 GMT
server: nginx
etag: "d341bae25e9d8c82ed89d493016581f7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14487
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 1757fcb6a34daa11f893254fee0138b4.220x330.jpg
images.1plus1.video/playlist-1/7446/ Frame 8142 42 KB
43 KB 271ms
269ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7446/1757fcb6a34daa11f893254fee0138b4.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Wed, 26 Aug 2020 15:50:23 GMT
server: nginx
etag: "f2333e2ee23e5c2e678d7020c404c167"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43372
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41106/ Frame 8142 13 KB
14 KB 271ms
270ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41106/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:17:14 GMT
server: nginx
etag: "0320d58c71f341a6792beac800431198"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13823
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/44376/ Frame 8142 14 KB
14 KB 269ms
268ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/44376/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 27 Oct 2017 07:18:50 GMT
server: nginx
etag: "396db528b829a5251e8fc08d8ff63368"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14386
accept-ranges: bytes
x-1p1-cdn: BYPASS; Thu, 05 May 2022 10:11:49 GMT
expires: Thu, 12 May 2022 10:11:49 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 8142 281 B
353 B 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 509b63890da97962bcb4475da88e5062f2525abf34371eceb1c6874b6a647d3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Sat, 04 Jun 2022 10:11:49 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3DA2 5 KB
3 KB 57ms
57ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: e41bbf58a738d2b82107fc966db47daf150e94e62b0d612ad4a004d2ee6166ba

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:49 GMT
etag: PRIVATE7520710249
expires: Sat, 04 Jun 2022 10:11:49 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 205ms
205ms XHR
text/plain 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458818/hbw_release_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Thu, 05 May 2022 10:11:49 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF10 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VTe0jA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1651745509787/ Frame 8142 2 B
201 B 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1651745509787/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1651745510579%7C_SP%3D12XPPTDu%7C_SPD%3D2plus2.ua%7C_SPV%3D100%7C_SPR%3D655x370%7C_SC%3D12XPPTDu%7CcurrentDomain%3D2plus2.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D4844%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D655x370%7C_SCT%3DChomu%20ne%20varto%20vikladati%20fotografiyi%20ukrayinskoyi%20tehniki%20ta%20vijskovih%20v%20internet%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DNWS_2P2%7C_SCD%3D210%7C_SCTE%3DVideo%7C_SCPD%3D20220223%7C_SCTY%3D12%2F00%7CcontentType%3Dnegative%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2F12XPPTDu%3Fautoplay%3D0%26l%3Dua%26logo%3Dplus2&ref=https%3A%2F%2F2plus2.ua%2F&screen=1600x1200r1000&col=24&window=655x370&ltime=81&lsdata=8CZ7HRoPgVfpPltx2Lr6yiNNkB7NBHLburOt2YsMkYz.671eR9Q9sp.0Igv5q0Y.ElwDoJ0l8xei6vRty_gXDAhWcouq/WYRt8UOMaPjUi/&fpdata=-TURNEDOFF&vis=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Wed, 04 May 2022 10:11:49 GMT

GET
H3 200 bridge3.513.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame 08F6 634 KB
205 KB 125ms
42ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.513.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee16498329c5bddfecef53ed162e76233403438a486a5e8bb8176cd16fcd87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 465388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210012
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:55:22 GMT
expires: Sun, 30 Apr 2023 00:55:22 GMT
last-modified: Sat, 30 Apr 2022 00:40:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8142 44 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 10:11:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8142 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E53E 37 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 10:17:36 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 323ms
322ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Thu, 05 May 2022 10:11:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&RedC=c.clarity.ms&MXFR=21B296F69E206BE9303F876D9A206524
https://c.clarity.ms/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&MUID=0CAC3596CB0A639E1504240DCAEA6236

42 B
368 B

38ms
38ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&MUID=0CAC3596CB0A639E1504240DCAEA6236
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FE7A92C110144BB94F6201112FE2AA2 Ref B: LON04EDGE1115 Ref C: 2022-05-05T10:11:50Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=591E4CB85A314218A9CB35639ACB1208&MUID=0CAC3596CB0A639E1504240DCAEA6236
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 138ms
56ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61a801bc565be6c9c5d431566c22aab339f5e7f287d0935f6c533e4db3bd5f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 10:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7FB9 14 KB
6 KB 176ms
58ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5883
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:49 GMT
server-processing-duration-in-ticks: 1582
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame 08F6 753 B
1 KB 108ms
108ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=2plus2.ua&r=YUhSMGNITTZMeTh5Y0d4MWN6SXVkV0V2&w=655&h=370&c=12XPPTDu&d=web&p1v=0&pid=4844
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.513.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 545c03490456c9777a1df86643bd7c6640ac6920e61c5d729ddbd0befea5a39e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 10:11:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA5D 0
0 108ms
108ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050301&jk=1901673866264601&bg=!h4SlhMDNAAZX5TVhd-U7ACkAdvg8Wjgs6_SzgdvPNXpdbTpaRwqa7x2M9vpeV69vyt_h7n_gMKc3tgIAAABsUgAAAAJoAQeZAqgbEynwsw8WQr9vxYD0KYT4WXeyxoaAdUrrSjEjM-9VVqcpNFGbeji6WJ7EyOgInugontzM65WlKc6kMeGKLRqy7pksU4g4P01hqRXP5zPvOGUGlUkVdlc0zcH3QBAV5zpF6ZzLeU4HrwX5Gl8mnw9PYbsfHAn7e1nRBhy39b7_Hga1SC-ENTgrdisCEZvhKqZjwoWGsU4e2UUe38rDO74dw0f1E8cTYl2bg5Mm8X_pcIPv27CEbspn8fLHxeWbRcrqW_FGSh_HsU95JKrvtq-ZAcRTxzpxsy1a1_-Z6vfs0mkGPC_yPxTcoLughb1hU9UZW5ZjwYx7AcjPcU1Af3wEwmeWCbsbzUfmJjktb5tfNhN37xpmqDCk1-XkUYZqF0pznP436nyB2a8sGqScZ88YFUVnqu8ODosFQzcJgn1Eh7RlK51oL6qLG2tNL_6LV5_U4c4pHbPVf8xCtTzs62UQA24Y46yemiaw1hqKeaDiLDCT83mccEb10kW4G5lTP_O_iGPcY0UAE3RgwX7bN_1bNpAni0t6O0fkCVyLLDqPgbIcn8qLsz8rPfp11qVyDFzvcT5IzwdLwvTdGiVMUPS7MOMOt2PbpuX9PUjdSlirkw5W9D_7rXdkZEvWm1PRw1lVTcHGuNlT-RkKvPg1joJOkIwO6V0lEvWym3hP5Cv7B_6B5dEFQ47kfftdhrfRV1pvYEBHqyGbe-2FlUEISVvXISBC8WqXPzMBPDtfswk5UZ3xYr8kyy3_VVKZ1FaDr1hlj2fLDWRK49BVpAsZsjjmlENMb1jLObXcFkoHr39FeydxoX36ksm-clXRsQ48z7T9r_HfxYZHq9wNI0-BBF9N4iLIUorexPt0c_5M-iIPO-Gt_zcW3lVnxrY2dN22V9tbmVSAd8Dd4g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6F4 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRWukIBbtzCTdC1G_g5CVstAmZaYRiBQqwK-v-j49IogHG61KDVG1g4zb_Opu5DBnN8D5y0x3gL-tAn2rY-_xqimD6__wj81aJnz-uEZtVc7kpones&sig=Cg0ArKJSzM5js6wGdUNiEAE&id=lidar2&mcvt=1000&p=1020,80,1200,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220504&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3097772190&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651745509140&rpt=187&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 10:11:50 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7FB9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=_IUIOHxQUW1uSGsrUm9DQTh3czlySjNQUmNpbEZob0tHdlBBNGhTTEQvVm1zN0N4aDY3TG1kcXg0Z3Vzd3A2ZXVpWThoT3lzc3B5Q2tUQmh3eUpSRFVWb1hUb3dMTDgxSWRhTzBEbW02cCt6LzJST0wyQUtEeHdOdUNPOW...

433 B
630 B

129ms
39ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_IUIOHxQUW1uSGsrUm9DQTh3czlySjNQUmNpbEZob0tHdlBBNGhTTEQvVm1zN0N4aDY3TG1kcXg0Z3Vzd3A2ZXVpWThoT3lzc3B5Q2tUQmh3eUpSRFVWb1hUb3dMTDgxSWRhTzBEbW02cCt6LzJST0wyQUtEeHdOdUNPOWZmN3VkWGlGMEFES1dCbUhVcWVhVjN0RHlkYm9aTzAzNHlacy9pV0pETlJJQWl0MDN6ZmZxT1l0aUZwbzdCWGFvZWt5a2NXUzg2OHd4MnE0cEhEcWdpTE5HS1Vtc2VlSm5Mcm5wK0VUSTZCSWhRUHFLaTNvS29xelB5RGlQNUxBbThVMmdpMWJnUmhBSit6TWxTb1dISENUaENCV2ZoUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5aec4f8e93021dd69334832eeb40bfd6c2fd11170c097a7386aa957d724b80ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5021
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:49 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_IUIOHxQUW1uSGsrUm9DQTh3czlySjNQUmNpbEZob0tHdlBBNGhTTEQvVm1zN0N4aDY3TG1kcXg0Z3Vzd3A2ZXVpWThoT3lzc3B5Q2tUQmh3eUpSRFVWb1hUb3dMTDgxSWRhTzBEbW02cCt6LzJST0wyQUtEeHdOdUNPOWZmN3VkWGlGMEFES1dCbUhVcWVhVjN0RHlkYm9aTzAzNHlacy9pV0pETlJJQWl0MDN6ZmZxT1l0aUZwbzdCWGFvZWt5a2NXUzg2OHd4MnE0cEhEcWdpTE5HS1Vtc2VlSm5Mcm5wK0VUSTZCSWhRUHFLaTNvS29xelB5RGlQNUxBbThVMmdpMWJnUmhBSit6TWxTb1dISENUaENCV2ZoUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1348
content-length: 541
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AAE 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 86
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:10:24 GMT
expires: Fri, 05 May 2023 10:10:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E7A 783 B
534 B 50ms
50ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df19e156a8b83249e567db79bc08d5bfcd0056cb5ffa5e93f6380c99b43c6d31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LFcMMrkFHYYoy9pCBNu9gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LFcMMrkFHYYoy9pCBNu9gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 10:11:50 GMT
expires: Thu, 05 May 2022 10:11:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AAE 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 09:58:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E7A 0
0 105ms
105ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042801&jk=1023514898314542&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0AAE 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p17a3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 57ms
57ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-KRRGZR24WG&cv=1&v=3&t=t&pid=1669321828&rv=540&es=1&e=gtm.load&eid=12&u=C&tc=10&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:50 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 111E 42 B
64 B 75ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-gxcRiQUEN2GmfbJl6sczW7GiGbakgF_NMdnMyzV73Wx4PBz5cNjw0tYTeee8OSUAz1j5sgGW2yIHFHrXmKXtc8jcPeXL75fbJcnFG31GgRU&sai=AMfl-YTGxycLAHud6Aym8DwRz_sdBIvb85bO2plmD8hyapHnUq6aSSW2SBpnIBG184NwE-LiQezCyymWRRZok8aIk1wVLe0Rbe1RlxDGMAzf5-fiGHMfyy9MXZqMWJb0EJE&sig=Cg0ArKJSzKEyIV-WvxInEAE&cid=CAASJ-RotsfetUvNVJTgwbIljXHdJuoBL9D5ehc3NyJyXo4uSA8yREdCgA&id=ampim&o=992,645&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=613&tls=1613&g=99.95833039283752&h=99.95833039283752&tt=1613&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3937908213

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042801&jk=1023514898314542&bg=!7e6l7qrNAAZX5TVhd-U7ACkAdvg8WkBn9UZ5STzDiPm0JUn607EOT-2Hq2iEXeg0ieINpcbkQnFTCgIAAABPUgAAAANoAQcKANcYQjWlnVCXTiOTJXKvLG49C9d8gQqqnr-Vz9Wggme-Luz2R9r8Z_1NxVxfAzKglJm2lMwPqgszSVwe28pN74WKRc60USs7HO8GgmlXV_Bvxwfq7kxFlVEDhVNd7x2er5OquAirMtCJ2k08QHmKQtlPTAVBYAP9AkpX9LHXDx_NQW563F9BzVpgoG6lv0ImNWnAvKELyZczzWDT0iVu6Ligl-aY8EZfNfdTU0Qn2UFW6N7qSWTNGaKrbH989ZDLKqsCdGgtT1Pyplnf_MkZ6o31f-m438FNypkCpqM_EhfEFJ67Oz5Dbc4J8aj4iZYOxahiLrEDToGqdTO-L9zlsFUNKiaOEA77DbFZ0N-dmMWELkWwvPkAp8_X9xfDcrd2eNQssgfnQmtoS8GmdYrLBoOB8UxXbwJz7kBqjAdv5Jsf7-LDdoTh_cJdlXQ_p7UX8cWjzy3-VacddxNQx-bgXF_4wTF8-26kgiTYbeyPf_Uif-kHay2t3Jee25U0DW0hBcWHPVlPrUKlJQQJxw6p9zusVpQ-pGVyiNhn94mb6Y8TxCip18QTa6EmeVUod2Uj6ZJh57tFSRrQ6IgljT8_s4nxA2jwdyaTPFQ_dS0kNMqPt1sqPQoHIff7kMwj2mgdq0Us3dmvSlCO4b6tAe7Nr6PuawLehcW8M2KwomfaXLSvjvcYTllDnQjrKngrkD88f80CGDuUc70_LcA_oOnkBlilp22Eq4uIfwUD4YIcpvPuAQXEBHnID1rr4Fbsl_x8u9WFuiAZ5JMy2aCYKR6r0HrstIeWQjPxgakEX3FwX_MJEOmUA75KtCIfbI85POKuxOX8qbh5G6dHK_MfarCQ1T2DwlLe-E3O8CyZlHmJVRfWsDqmgLgBQ9ZR-w2cKFmz02NbVI6kNCLx319UugeUOwu0SPWanv8CkozQKgyv2plTjcLCGrnHm0-HfYVu2vh0JZX-IAsMaI-eempGVO1R5fRO5HIs4hnPQC2_ky4cNiLz9U_tIcl5y7K9Y29eNLGQwdy0Z6Mci8puiZiOe47CKZkKFWesQJuWzQX03rJbX2aEC5lGMOPZEnBkwfWa83H24i6yQ1PunFrsrAj6BtOXwf8NuOGYEkZRi-Q209nB1qDGmlzkRaejI7YkzVEC8IZlNO6wR3Drw2-NAHQq-PzAclyG3hwugpX8L38FAiF2J_ojQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 179ms
60ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://2plus2.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 05 May 2022 10:11:50 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1197
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=yCRVhXxIZy9QbC9oK0NMSVUzUGkyZ21TWUZMblUzRUxMVlBPNlFDYkFuWUdDTk50cHYzM1pUZDFOWGpqWDNBWlF1aFE2eEZqN2F6YUJmNHl5THVrMDdtL1VmSkk5aEFTY2JvWDc2SGEzbFl4bW5yN0RwN2U4WVg4WVVTbD...

412 B
664 B

39ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yCRVhXxIZy9QbC9oK0NMSVUzUGkyZ21TWUZMblUzRUxMVlBPNlFDYkFuWUdDTk50cHYzM1pUZDFOWGpqWDNBWlF1aFE2eEZqN2F6YUJmNHl5THVrMDdtL1VmSkk5aEFTY2JvWDc2SGEzbFl4bW5yN0RwN2U4WVg4WVVTbDcrdEVrRGxjRHpNREI4cVhRQ3NST3FFbnBOZ0JTS0RsV3E1ZmNZd0RSemhMcVo0aVl6RW5GL2liNU0wdFRMRDl5WEUyTkZRL3pVU1lOWXR1OHpBazcxZjdmcU5CQTMwTGJSSlJieVB6Q3ZQaXpRdWR0ZGUxWVcydWc1VVFHZG5LZFpiV2JMb2lsKzJhVnp4clJ3Z3JRV1JXVG1XUkZpdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

09c0a9a02fdc704410847fa8a9d97afccc66a3e6192d67b1110af4a4f2d7f439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3552
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 10:11:51 GMT
location: https://mug.criteo.com/sid?cpp=yCRVhXxIZy9QbC9oK0NMSVUzUGkyZ21TWUZMblUzRUxMVlBPNlFDYkFuWUdDTk50cHYzM1pUZDFOWGpqWDNBWlF1aFE2eEZqN2F6YUJmNHl5THVrMDdtL1VmSkk5aEFTY2JvWDc2SGEzbFl4bW5yN0RwN2U4WVg4WVVTbDcrdEVrRGxjRHpNREI4cVhRQ3NST3FFbnBOZ0JTS0RsV3E1ZmNZd0RSemhMcVo0aVl6RW5GL2liNU0wdFRMRDl5WEUyTkZRL3pVU1lOWXR1OHpBazcxZjdmcU5CQTMwTGJSSlJieVB6Q3ZQaXpRdWR0ZGUxWVcydWc1VVFHZG5LZFpiV2JMb2lsKzJhVnp4clJ3Z3JRV1JXVG1XUkZpdz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1090
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
616 B 177ms
42ms XHR
application/json 54.36.109.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458818/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.186 , France, ASN16276 (OVH, FR),

Reverse DNS

p06.id5-sync.com

Software

Resource Hash

0acc069e271360967c13cbe45605fe16cc38e975cd639740afae4ed382c4d1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Thu, 05 May 2022 10:11:51 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 108ms
37ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 05 May 2022 10:11:52 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1690
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 106ms
105ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Thu, 05 May 2022 10:11:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: ads.adnuntius.delivery
URL: https://ads.adnuntius.delivery/i?tzo=0&format=json

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=7985437254

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=10&eid_pubcid.org=0173205c-b247-4248-bf4c-697697c6eda3%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=852a6b8d-a5f7-470f-b90b-e5192be5f913&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5955337777035268

Domain: ghb1.adtelligent.com
URL: https://ghb1.adtelligent.com/v2/auction/

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=0173205c-b247-4248-bf4c-697697c6eda3%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=b34ec039-d684-425d-92e6-aa084e3837d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15486769129218358

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=0173205c-b247-4248-bf4c-697697c6eda3%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=852a6b8d-a5f7-470f-b90b-e5192be5f913&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4444144731768638

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2plus2.ua/	1970-01-20 02:49:12	Name: XSRF-TOKEN Value: eyJpdiI6InpOTE4ySndFQmJrMU5BXC9qRmtueVhRPT0iLCJ2YWx1ZSI6IlNoUnNLamxGdHh3TVlHaExocU1acThRVkhRc3YxZk80VXhSU25OMHptK3RvQmpzY2dhVkRiSjdwa2ltTE9TT2UiLCJtYWMiOiJjZmZlY2I2YTk4NTYxZmRiNDk4NDc4NWIzODQ1MWZhN2VmMGE0MzI2ODUyMDQ1YWZlMzdmYWI0MmM2OTliYjZlIn0%3D
2plus2.ua/	1970-01-20 02:49:12	Name: 2plus2_session Value: eyJpdiI6Ill1SWlJandrY085aDVnWU83SDRqRUE9PSIsInZhbHVlIjoicUhaVmMyWE15MnlmMkhndytvVVlLUUpnMklURTBKaldMSWxaNmliYzBEbHZQTWdpUUNuOW1vdXBndFZSbG4rVCIsIm1hYyI6IjE4MDk1MDAxZDA2MmJmNzMyYTk1MWI5NGE4OWM4OGU0MWRmZjVlYzQyZTU0YmI1YTIxNzc1Y2RhYTkxMGNlMTcifQ%3D%3D
.1plus1.video/	1970-01-20 20:20:17	Name: _opov_sid_ Value: itgkerlbbe9jt6ordo3jai0i3r
2plus2.ua/	1970-01-20 02:49:07	Name: session_id Value: 0e936290-8a88-4a05-81af-5ae4387491de
2plus2.ua/	1970-01-20 02:49:07	Name: session_pageview Value: 1651745508.1
2plus2.ua/	1970-01-20 03:32:17	Name: site_visited Value: 1651831908.1
2plus2.ua/	1970-01-21 06:35:45	Name: lapuid Value: df40e55d-b86e-4599-bed9-72fdc530c105
2plus2.ua/	1970-01-20 12:15:00	Name: _pk_id.6.87d8 Value: e1a6f6062c612d2e.1651745508.1.1651745508.1651745508.
2plus2.ua/	1970-01-20 02:49:07	Name: _pk_ses.6.87d8 Value: *
.2plus2.ua/	1970-01-20 12:17:53	Name: __gfp_64b Value: eozQ9NxgOwiBLgZNui22nu4YhV2PhIwTV82G0RtOiZX.b7\|1651745508
a4p.adpartner.pro/	1970-01-20 04:15:29	Name: apuid Value: df40e55d-b86e-4599-bed9-72fdc530c105
a4p.adpartner.pro/	1970-01-21 06:35:45	Name: apudmg Value: 1
.2plus2.ua/	1970-01-20 20:20:17	Name: _ga_KRRGZR24WG Value: GS1.1.1651745508.1.0.1651745508.0
.2plus2.ua/	1970-01-20 20:20:17	Name: _ga Value: GA1.2.1052512619.1651745508
.2plus2.ua/	1970-01-20 02:50:31	Name: _gid Value: GA1.2.1923654488.1651745508
.2plus2.ua/	1970-01-20 02:49:05	Name: _gat_UA-3838466-26 Value: 1
.2plus2.ua/	1970-01-20 02:49:05	Name: _gat_UA-113262294-1 Value: 1
www.clarity.ms/	1970-01-20 11:34:41	Name: CLID Value: 2e7155939c2d418f833748b9343d24fd.20220505.20230505
2plus2.ua/	1970-01-20 03:32:17	Name: _pbjs_userid_consent_data Value: 3524755945110770
.2plus2.ua/	1970-01-20 11:34:41	Name: _pubcid Value: 0173205c-b247-4248-bf4c-697697c6eda3
.2plus2.ua/	1970-01-20 04:58:41	Name: _fbp Value: fb.1.1651745508576.12946635
1plus1.video/	1970-01-21 05:05:53	Name: _opov_hid_l Value: 325815ad-6ae4-54a5-8fba-3c18da334889
.admixer.net/	1970-01-20 04:58:41	Name: am-uid Value: 60adc0c61cda4a8185ce4a3e2d2f78b1
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.facebook.com/	1970-01-20 04:58:41	Name: fr Value: 0flSd2y50NcT6XY13..Bic6Lk...1.0.Bic6Lk.
.e-planning.net/	1970-01-22 16:08:17	Name: E Value: AP3Yovxf0tLCTcJV
.rubiconproject.com/	1970-01-20 11:34:41	Name: khaos Value: L2SUMNA7-1-LYAI
.rubiconproject.com/	1970-01-20 11:34:41	Name: audit Value: 1\|hLZGFuTafB1NWpcQ9nIPVlqbBgMWySGKoH1GQZR6kugsjeDKZpe5AFN5Ga6T60TUYQYf3MpFfFvgcRgjl6EitdZeyV7KzLVX3OlDu/ORdD8=
.2plus2.ua/	1970-01-20 11:34:41	Name: _clck Value: nj83nb\|1\|f17\|0
.2plus2.ua/	1970-01-20 12:10:41	Name: __gads Value: ID=0293a191cd994ff6-22ea262b8dcd003f:T=1651745508:S=ALNI_MaJR4yj6f2rAjkHfmIW8q751MYzEw
.2plus2.ua/	1970-01-20 02:50:31	Name: _clsk Value: 1790146\|1651745509271\|1\|1\|i.clarity.ms/collect
.doubleclick.net/	1970-01-20 12:10:41	Name: IDE Value: AHWqTUkZ0fCo3QDvXcqVmF3XATasHHiUkBGgqzyVOMDubnCi1SqEI5HI-Piod13bxpU
.adtelligent.com/	1970-01-20 04:18:22	Name: vmuid Value: f1178cfb7bb0c4b0
.adtelligent.com/	1970-01-20 04:18:22	Name: a307558 Value: df40e55d-b86e-4599-bed9-72fdc530c105
.doubleclick.net/	1970-01-20 02:49:09	Name: DSID Value: NO_DATA
.hit.gemius.pl/	1970-01-20 12:17:53	Name: Gdyn Value: KlSSQRaGQMGGE9vjYQXhvocissGMD19oL6nxmGBpu7C7weaiGsRP0QlGvGQpIFg8SLS8RgTSFsCB0788MG..
.criteo.com/	1970-01-20 12:10:41	Name: uid Value: a018fb5a-c972-4315-9ea7-7a4959572dc3
.c.bing.com/	1970-01-20 12:10:41	Name: SRM_B Value: 0CAC3596CB0A639E1504240DCAEA6236
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:10:41	Name: MUID Value: 0CAC3596CB0A639E1504240DCAEA6236
.c.clarity.ms/	1970-01-20 02:49:06	Name: ANONCHK Value: 0
.2plus2.ua/	1970-01-20 12:10:41	Name: cto_bundle Value: -BKqUV9ieEdEOWdmUE1GbDc3UURkcFZnQ1hOWjFzOXdSWlBwcDdpU2xFUlVaSmNZS1czY05mY2Mzajh3eUpTb3l2RTd0JTJCdjhCWXN1dGF1SlVjZFIlMkZqTjhOWnYlMkJpQ0MxZ21hOTJMaHEyQTRLb3liJTJGNHB0NjU1dkNSUmNuU3ZNbWNQYTlxeGNBdzNmemFmSFpScWs0cW1rUThzdyUzRCUzRA
.2plus2.ua/	1970-01-20 12:10:41	Name: cto_bidid Value: 0OrXoF9VWlBWRElrNCUyQlNrVGV2V0pid1E2QmJDakhXaFFhWVAwZnNFJTJCMnE3Y3JOQWI5bWZRSUhENDVrU0t5M04lMkI4eGQ5MUlWUEk3dVczQ3RMOWtvVFZGMUhpWmhDeDdZZmFVdE1UenlPbWhmaEhnayUzRA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0068/3674.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.video
1x1.a-mo.net
2plus2.ua
67ea7742091d4720280b403c9a2c7a23.safeframe.googlesyndication.com
a4p.adpartner.pro
ads.adnuntius.delivery
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
api.1plus1.video
assay.1plus1.ua
bidder.criteo.com
c.bing.com
c.clarity.ms
c1640cebe3c27285c67f93ff751706fd.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.mouseflow.com
connect.facebook.net
csm.eu.criteo.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.clarity.ms
ib.adnxs.com
id5-sync.com
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb.nl.eu.criteo.com
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
tpc.googlesyndication.com
vid4.tsn.ua
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ads.adnuntius.delivery
bidder.criteo.com
fastlane.rubiconproject.com
ghb1.adtelligent.com
hbopenbid.pubmatic.com
ib.adnxs.com
prebid.a-mo.net
100.25.50.170
137.74.6.209
146.0.227.110
146.59.10.80
146.59.30.104
151.139.128.11
178.250.0.157
178.250.0.160
178.250.0.162
185.184.8.90
195.137.240.108
195.137.240.12
195.137.240.21
195.137.240.82
216.58.212.162
2602:803:c004:200::140
2606:4700::6813:9308
2620:1ec:27::cafe:1761
2620:1ec:c11::200
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:8640:454::2
2a06:98c1:3120::a
35.244.159.8
45.133.44.4
46.249.52.248
51.75.86.98
52.142.114.2
52.167.85.21
54.36.109.186
62.149.0.72
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8
07671695ecbfafd1df80c0c7855d6896fc17025f972748ac410e37ac4e11c88a
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c0a9a02fdc704410847fa8a9d97afccc66a3e6192d67b1110af4a4f2d7f439
09dc81d8f75325db9496418bc7ace8f7cbe3a58486ae220e7a3477f0d3a46a1a
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65
0acc069e271360967c13cbe45605fe16cc38e975cd639740afae4ed382c4d1f9
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d
10d2a6ea0bf55991c488f4da1a20347f2b8def032d90c361052f981cb1a66aed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131a012ce42c7d356b40916f290389f017f6c0e1c64fa7eec75b6988e9794f3
12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
25bba93bc221f1d1e18034ceeb0dc0ecf488bb284e1252f0b6d0933c736f5607
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
2a883589d6ea7adecaa145a243b4b000ebed25dfa9409f1f9d194ca78e948655
2c6f8514aff1ae9881bafc5480a32f95aa0d897292b1193b8980c240db5b9319
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f488a23fe332868855dfba61081897ca435847b702c9a574fc5b6392513ab62
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308
43a7239809c6cfc3947c71e51994028cfa0c2e677e9b145f5268ceeeee44058a
445d6e1a25578d69c7d03621b9bc0a520434d7cecbe54d76b4cc1014b91b176c
45ec126404f27bc9fdaf8459a6031b49e175e642b9271fbe155351dd40c3323a
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e
4db0db1b0ec61d70f51453277619507174ed6a80abaf674f823ea98afe7ccc76
4dfcc59345601436c5a52aea77795af215ca3cc868f16625e9831bb3436c46b5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509b63890da97962bcb4475da88e5062f2525abf34371eceb1c6874b6a647d3a
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
5386569878747f2828c6208083d18112c85bbbfdd35b3649e39ed092bcb066c6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
545c03490456c9777a1df86643bd7c6640ac6920e61c5d729ddbd0befea5a39e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24
5aec4f8e93021dd69334832eeb40bfd6c2fd11170c097a7386aa957d724b80ba
5bd4028a13823e4cb51c6ed68de8c7caf866e65a3aff354f7f8b825e5162db06
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61a801bc565be6c9c5d431566c22aab339f5e7f287d0935f6c533e4db3bd5f34
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d32f601c4a70fbe6bef70e5bb4e5de954c403f3c6ddc2a863f5c1dc1cf08096
6d42b2dd7915d0fdf5a29856c1d3676a136c81749136fdc5f5982de1b920fcda
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5
6ffa5fd683a8e61e0a4e754b3e49b86bb60102f2f8a49fe436246fe9f75cc056
70fc6297755708572b6259cc6e6da1bde39fcecf116ae7613812851387ede878
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
7474ecc7d60f03269d15b705fbb693e21b99cf3e49cfe205851a2a8e78ced8f3
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76aca2a3a5554f3302fb8b7bf6db768cdddd1af7bcd81be8766d03528c39c58e
780b234b206f3b9fac169be115b90495b905bbb51398dcb124632189098626ba
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95
7b4d209e019d525108a428fb8d0e7cb68682773f4727e4ec5b665b9adcdd4ffb
7cb80600e5a94d1377601ce57410ccecdc6a78a71e3a64f6e89e299469fce7bf
7de6dac2fc26f86b23539bc1375a7a1476b7e4710fa89c9d62e2dd91f870ed93
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a31a5a6210be0318a982c5ff4dbd05d8c4181a45e372c1996e61648b6ec1f8a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c79b989a211b44504ad668ce4735034f136a4844cf4e218def8abed6e3f52d
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a691f57079e070b3ea5d9c8216aaa72f97dbb23311be026e34f9fb38e8375a42
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa
a8d1c57b01007eaa4933afdfbc828a409c8abf496e5ddb0f39a376653578a7ba
ab78862b7b55cf304c19ea338fac95cf92f89fb22bf5e1d619fa2a88e1395505
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95
aca3b34fb99455fa342d4d89856fdf30d43d066085082f51302c500a4117e70b
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50
b193870accab29b89002aaa58e418b4db56e6e42818331efa382c961f804ebab
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
b8932e55bce97d6d35de8202e904b5e2a193e581de1f9774ee52c30a4855a72f
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bebe4fb762f5ea81bc209bf891f5694a01a1972695aa2d37daf097d39265a987
bf0580d31e1287915cebdeb747e7e7cf1018948bcc1a78e635e8221ac8cb6c1b
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30
c2b41dcd7776686e96f5297b06b60ce188b7ce8ce7affb7c9e8838acc12c2808
c37ed9f531908e685246b16e07daa1c170118e08ff442d3ed23079a03c424300
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0
c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa3f87a56e40740e19b8dd5c06a604a33307440286aeb16c49e435673b82264
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951
cc20836eb2d5394802aed9567ebeadedd3e71db838445c2c355d722c81cca043
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf3892e102a8b34779354aa891c86830fb3b0a1a6e147cb6480d0d6a5e0982f
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0
dab4780998aad7a03561182c6b44eab31e6c5c862385789768f90aaf6ca341a5
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414
db959e63207318d8bfe13549f2b88dfbe7367b2111092e5108c01a02b4f0abd8
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4
df19e156a8b83249e567db79bc08d5bfcd0056cb5ffa5e93f6380c99b43c6d31
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e3183b259c9e857b9698410a6b912450e6d4dc1618853ea757545d4ddfc78ad7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41bbf58a738d2b82107fc966db47daf150e94e62b0d612ad4a004d2ee6166ba
e5cd340aebdac524f66963419dec2aa5ef62af2e968e9aefbea43c786a5a8dd0
e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b
eb304e313491d5a4d77214f5ce10ebb33835bd94442f4de41e29133df61b00d4
eb48a34a91d3fdd3665e2fb56217552b50f9f487542b09baaf3a8c14ebb894f3
ed9485b6127bcfe9b62b355abca05225978a6d01a05c25b4711f7e1e33e54102
edeb614d625875ae12208e175cbc8fa1be018781b9ea9a7938263fd843246556
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f075430c55bc47cc660158d8052f54734e43db2d92056110140205c97d00da2b
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e
f91108ecc7b1151d5275520fcd26cb102dcda34f6bbdfdf147128192116f699d
f92fcd99c137555750ef914dff1bf0f52073044fc89d95f304771eaf02d33b9f
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fcf4613e913c4da2518bacd91be54f7217fb8df8ae60534a3cdc0e8d315275d8
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
fee16498329c5bddfecef53ed162e76233403438a486a5e8bb8176cd16fcd87a
ffd4dc484943174781bcde95fc3eb8a447c4b210f31db0652aadbe21fae2fbe8

2plus2.ua Open in urlscan Pro 195.137.240.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

262 Requests

93 %HTTPS

57 %IPv6

38 Domains

62 Subdomains

53 IPs

9 Countries

6754 kBTransfer

11713 kBSize

43 Cookies

24 Outgoing links

Page URL History

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

93 %
HTTPS

57 %
IPv6

38
Domains

62
Subdomains

53
IPs

9
Countries

6754 kB
Transfer

11713 kB
Size

43
Cookies

262 HTTP transactions
5 data transactions