1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1plus1.ua/
Effective URL:
https://1plus1.ua/
Submission: On November 01 via api (November 1st 2022, 12:27:14 am UTC) from GB — Scanned from GB

Summary HTTP 344 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 82 IPs in 12 countries across 70 domains to perform 344 HTTP transactions. The main IP is 195.137.240.80, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 606088.
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.

This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	195.137.240.80 195.137.240.80	29389 (ASN-UNIAN) (ASN-UNIAN)
24	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
40	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
22	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
1 11	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
7	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	35.214.236.176 35.214.236.176	15169 (GOOGLE) (GOOGLE)
2 2	3.123.58.204 3.123.58.204	16509 (AMAZON-02) (AMAZON-02)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
3 11	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
8	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	172.67.137.15 172.67.137.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 4	3.123.63.102 3.123.63.102	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.109.147 3.127.109.147	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	184.24.1.49 184.24.1.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f602:8bd3:480b:a39:d536	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b002:eb7b:3a65:f7da:a48f	16509 (AMAZON-02) (AMAZON-02)
2 2	52.18.158.197 52.18.158.197	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	99.81.33.254 99.81.33.254	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.58.224.147 52.58.224.147	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.72.167.131 54.72.167.131	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.225 162.55.236.225	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.45.193.237 52.45.193.237	14618 (AMAZON-AES) (AMAZON-AES)
3 5	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.50.73.154 52.50.73.154	16509 (AMAZON-02) (AMAZON-02)
7 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:6ee:8b56:8f25:1314	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
344	82

10 195.137.240.80 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.58.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-58-204.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.15 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.63.102 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-63-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.109.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-109-147.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.1.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f602:8bd3:480b:a39:d536 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.158.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-158-197.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Rogeno, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.33.254 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-33-254.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.224.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-224-147.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.167.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.164 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.193.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-193-237.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.122.74 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.73.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-73-154.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:6ee:8b56:8f25:1314 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	1plus1.ua 1 redirects 1plus1.ua — Cisco Umbrella Rank: 606088 images.1plus1.ua — Cisco Umbrella Rank: 994357 assay.1plus1.ua	3 MB
46	1plus1.video 1plus1.video — Cisco Umbrella Rank: 244707 api.1plus1.video — Cisco Umbrella Rank: 291177 images.1plus1.video — Cisco Umbrella Rank: 574477	2 MB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 135	331 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 213	242 KB
19	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 eus.rubiconproject.com — Cisco Umbrella Rank: 573 pixel.rubiconproject.com — Cisco Umbrella Rank: 338 token.rubiconproject.com — Cisco Umbrella Rank: 657	27 KB
17	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3061 mwzeom.zeotap.com — Cisco Umbrella Rank: 2495	5 KB
16	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 2	4 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 383	326 KB
14	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 65651 ls.hit.gemius.pl — Cisco Umbrella Rank: 13765	69 KB
13	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6136 ghb.adtelligent.com — Cisco Umbrella Rank: 5906 sync.adtelligent.com — Cisco Umbrella Rank: 4125 ghb1.adtelligent.com — Cisco Umbrella Rank: 6671 ghb2.adtelligent.com — Cisco Umbrella Rank: 8892	149 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	640 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 735 gum.criteo.com — Cisco Umbrella Rank: 408 mug.criteo.com — Cisco Umbrella Rank: 3300	9 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 417	696 KB
8	amazon-adsystem.com 5 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1241 s.amazon-adsystem.com — Cisco Umbrella Rank: 289	6 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431 ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 668	12 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	59 KB
5	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 41593 inv-nets.admixer.net — Cisco Umbrella Rank: 2506	85 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	237 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 424	1 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 286 cms.analytics.yahoo.com — Cisco Umbrella Rank: 848 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 291	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9167 www.google.de — Cisco Umbrella Rank: 6364	2 KB
4	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 126315	4 KB
4	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 404865 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 419891	20 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 555 usermatch.krxd.net — Cisco Umbrella Rank: 1364	942 B
3	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 27350 rtb.openx.net — Cisco Umbrella Rank: 1413 u.openx.net — Cisco Umbrella Rank: 681	814 B
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 750	693 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 616 script.hotjar.com — Cisco Umbrella Rank: 771 vars.hotjar.com — Cisco Umbrella Rank: 882	69 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 551	854 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 748	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27555	681 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 202	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1338	752 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	529 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 484	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 658	57 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1238	458 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3983	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 822 s.tribalfusion.com — Cisco Umbrella Rank: 2171	1 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	33 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7298	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106 graph.facebook.com — Cisco Umbrella Rank: 126	770 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8196	506 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 920	1 KB
2	loopme.me csync.loopme.me — Cisco Umbrella Rank: 879
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	74 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	89 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 373	707 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	396 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 16214	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 514	145 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 937	770 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2108	359 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 944	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 467	528 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 23742	84 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1615	596 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 146154	659 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7143	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 11451	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 631	161 B
1	adform.net dmp.adform.net — Cisco Umbrella Rank: 3683	331 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 812	714 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 39185	2 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3906	524 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6188	171 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 932	271 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	277 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	695 B
344	70

	Domain	Requested by
40	images.1plus1.ua	1plus1.ua
22	images.1plus1.video	1plus1.ua 1plus1.video
17	tpc.googlesyndication.com	1plus1.ua 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	api.1plus1.video	1plus1.ua api.1plus1.video 1plus1.video client imasdk.googleapis.com
14	mwzeom.zeotap.com
13	pagead2.googlesyndication.com	1plus1.ua pagead2.googlesyndication.com 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com
11	www.google.com	3 redirects api.1plus1.video 1plus1.ua tpc.googlesyndication.com
11	gaua.hit.gemius.pl	1 redirects 1plus1.ua gaua.hit.gemius.pl 1plus1.video
10	cm.g.doubleclick.net	2 redirects 1plus1.ua 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com spl.zeotap.com
10	1plus1.ua	1 redirects 1plus1.ua
9	1plus1.video	1plus1.ua 1plus1.video
8	fastlane.rubiconproject.com	player.adtelligent.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 1plus1.ua
6	www.gstatic.com	www.google.com 1plus1.ua 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
5	pixel.rubiconproject.com	3 redirects
5	aax-eu.amazon-adsystem.com	3 redirects
5	fonts.googleapis.com	api.1plus1.video 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com 1plus1.ua
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
5	ghb.adtelligent.com	player.adtelligent.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 1plus1.ua
5	www.googletagmanager.com	1plus1.ua 1plus1.video
4	token.rubiconproject.com	4 redirects
4	pixel.tapad.com	3 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	x.bidswitch.net	4 redirects
4	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	pa.tns-ua.com	1plus1.ua source.mmi.bemobile.ua pa.tns-ua.com
4	cdn.admixer.net	1plus1.ua cdn.admixer.net
4	player.adtelligent.com	1plus1.ua player.adtelligent.com
3	s.amazon-adsystem.com	2 redirects
3	spl.zeotap.com	player.adtelligent.com spl.zeotap.com
3	mug.criteo.com
3	onetag-sys.com	1 redirects player.adtelligent.com
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	ls.hit.gemius.pl	gaua.hit.gemius.pl
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	bcp.crwdcntrl.net	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	match.adsrvr.org	spl.zeotap.com
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	ads.pubmatic.com	player.adtelligent.com
2	id5-sync.com	player.adtelligent.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	sync.teads.tv	1 redirects 1plus1.ua
2	ups.analytics.yahoo.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	s0.2mdn.net	imasdk.googleapis.com
2	pbjs.e-planning.net	1 redirects 1plus1.ua
2	bidder.criteo.com	player.adtelligent.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a4p.adpartner.pro	1 redirects player.adtelligent.com
2	sync.adtelligent.com	player.adtelligent.com 1plus1.ua
2	rtb.mfadsrvr.com	2 redirects
2	csync.loopme.me	player.adtelligent.com
2	www.googletagservices.com	1plus1.ua
2	connect.facebook.net	1plus1.ua connect.facebook.net
2	assay.1plus1.ua	1plus1.ua
1	graph.facebook.com	1plus1.ua
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	lb.eu-1-id5-sync.com	player.adtelligent.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	ib.adnxs.com	spl.zeotap.com
1	u.openx.net	player.adtelligent.com
1	rtb.openx.net	05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	1plus1.ua
1	a.tribalfusion.com	1 redirects
1	adtelligent-d.openx.net	player.adtelligent.com
1	ads.adnuntius.delivery	player.adtelligent.com
1	ghb2.adtelligent.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	hb-api.omnitagjs.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	prebid.a-mo.net	player.adtelligent.com
1	www.google.de	1plus1.ua
1	www.facebook.com	1plus1.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	ap.lijit.com	1plus1.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	source.mmi.bemobile.ua	1plus1.ua
1	static.hotjar.com	1plus1.ua
344	108

This site contains links to these domains. Also see Links.

Domain
1plus1.video
www.facebook.com
t.me
instagram.com
poshuk.1plus1.ua
dovgadoba.1plus1.ua
images.1plus1.ua
tsn.ua
plus-plus.tv
2plus2.ua
tet.tv
1plus1.international
bigudi.tv
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital

Subject Issuer	Validity	Valid
1plus1.ua R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2022-07-13` - `2023-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
images.1plus1.ua R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
assay.1plus1.ua R3	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-10` - `2022-11-08`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
dmp.theadex.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://1plus1.ua/
Frame ID: 17FA5DB39720510B5074C981ED75A588
Requests: 154 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Frame ID: 766DAFA046AA26AFFF5372EB879EE376
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html
Frame ID: 9F31441D59F6301BC7A8D3DF8E3F7B1F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 8EDC7A9E8EDC02069B589268D699C5B9
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 72AF26527DA5D905C3EC2601E25824CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1667262426&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667262426287&bpp=3&bdt=673&idt=176&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895525732207&frm=20&pv=2&ga_vid=597971806.1667262426&ga_sid=1667262426&ga_hid=735077822&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070591%2C44770881%2C44775017&oid=2&pvsid=1227449208457138&tmod=1051790005&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 70C8EBEECBDE82EF1118E01B27663CD2
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: 34C93B85A1DBA6D54B4CFA52AE6E69CD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=7b230a4d-f150-49ae-9c8c-dea6b5193477
Frame ID: 9CB8F187A99FDE9B71A2884CA0FEA088
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 2284B66A2F033A8E9C0EA9A69CEB04CE
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 16EEAB9484247C96D2A62D83A1E0C22E
Requests: 1 HTTP requests in this frame

Frame: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56EC5C301FD73DE70D080529CD5D8148
Requests: 1 HTTP requests in this frame

Frame: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F85B0828AD73E22837245CD3F0B1089
Requests: 5 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 15174BEFE4A8555BB66AF19CBAA669EB
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EED415E02DB815795F10A6F6BD11BF72
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DC536BAC338F8BC2C74F842FFB1FAEC
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html
Frame ID: 56BEFE317B107CBE5BFB45E2EFAFF382
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 91B8C8878AF48D35A0607B63846CDAC1
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 5102A220A97A964D5D3D4B023F2B8DFD
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 03F57C40B0C696703657A0EA029A05BD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 656D2342A05D5F712E16F82BA08ED54A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua
Frame ID: 59DC5A7721AF232C3D00085CC25D3964
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5D6B7F0FFFA877450D88B69F16F0738
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F22CFF44D9F0AF8459339A6C555D6045
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 684432490A5AFA041AE7486A13C60B47
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html
Frame ID: 029D10E91956D4E1E7A0D64CFE5B6EBC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
Frame ID: DA471E0E5D4FB3AEAB3796498EAE5DB9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7A3C11BDA5586230AADEB9F0CC07B392
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&cmp=0
Frame ID: 484820FF5192886BAC245C37C72D37D0
Requests: 33 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1667262427412
Frame ID: 2801E28A9B59011ADD52F1F9BA3F7EE9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E87D01D5870E00983E861D3487677998
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: 6DBB09EF7AE8A6BBAC297585D7C9B3C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
Frame ID: 71DF55F3EF95DF30E19AC65EC0F7136F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

344
Requests

89 %
HTTPS

35 %
IPv6

70
Domains

108
Subdomains

82
IPs

12
Countries

8520 kB
Transfer

16343 kB
Size

85
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1plus1.ua/

Search URL Search Domain Scan URL

URL: https://t.me/OnePlusOneChannel

Search URL Search Domain Scan URL

URL: https://instagram.com/1plus1_ua?utm_medium=copy_link

Search URL Search Domain Scan URL

URL: https://poshuk.1plus1.ua/
Title: Знайти своїх

Search URL Search Domain Scan URL

URL: https://dovgadoba.1plus1.ua/
Title: Довга доба

Search URL Search Domain Scan URL

URL: https://1plus1.video/tancy-so-zvezdami/
Title: Всі відео

Search URL Search Domain Scan URL

URL: https://1plus1.video/golos-strany/12-sezon
Title: Голос країни 12 сезон 9 випуск. Бої 12 сезон 9 випуск

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4.jpg?v=1645557776

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561.jpg?v=1661864391

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/449/3b2dafe0170389d730ee64edf0bc44c0.png?v=1661864454

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/413/8fbf1d1fdc445434595ab6c4eb997491.jpg?v=1661864350

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/431/2cb1a102d69eac6570896b3c56145979.jpg?v=1661864431

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b.jpg?v=1645529997

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/084/672/28171d2034538ff08ebe1197f24baf19.jpg?v=1661866087

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399.jpg?v=1645530090

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/084/663/efc721c85ede23339e4a80e809a772a9.jpg?v=1661866127

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a.jpg?v=1645530060

Search URL Search Domain Scan URL

URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Title: Стародавні традиції гуцулів-сироварів та секрети виробництва карпатських твердих сирів

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: https://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://2plus2.ua/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://bigudi.tv/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/1plus1
Title: ПРО КАНАЛ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: РЕКЛАМА

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: ПРОБЛЕМИ З ПРИЙОМОМ КАНАЛУ 1+1

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: КАР’ЄРА

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=7b230a4d-f150-49ae-9c8c-dea6b5193477

Request Chain 96

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=51099579-03a4-4233-a003-f27fec6d79e1

Request Chain 114

https://gaua.hit.gemius.pl/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UohxqwoqZgQONEmI_1fN9NcMX1Jqc6VHxQnROfiWBc3.g7FxvRHVyhyO4FaHB55xdXunwB3RM3onrtyHpMTCsc09Vbk8/zaYAbMs1e2cgX/&ltime=270&fpdata=-TURNEDOFF&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D HTTP 301
https://gaua.hit.gemius.pl/__/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UohxqwoqZgQONEmI_1fN9NcMX1Jqc6VHxQnROfiWBc3.g7FxvRHVyhyO4FaHB55xdXunwB3RM3onrtyHpMTCsc09Vbk8/zaYAbMs1e2cgX/&ltime=270&fpdata=-TURNEDOFF&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D

Request Chain 134

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=408f6601-ecb6-4af4-bbcc-a6d761b8f936 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=408f6601-ecb6-4af4-bbcc-a6d761b8f936

Request Chain 226

https://a.tribalfusion.com/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 227

https://um.simpli.fi/gp_match?google_gid=CAESEPQmBy8aW1NIy5TqMHs2Hdg&google_cver=1&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpClzq6_2e4COF-0VnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3940C19166EF48EFB4C2388CC09A2372&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpClzq6_2e4COF-0VnA

Request Chain 228

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBC3ZhOcFTZiZ7w5N6MK5AE&google_cver=1&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBC3ZhOcFTZiZ7w5N6MK5AE&google_cver=1&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=5c20d163-e387-4022-88cd-18eddc027341 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=5c20d163-e387-4022-88cd-18eddc027341 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=9149a057-df59-456e-b70f-46038b45f18b&ssp=google&expires=30&user_group=5&bsw_param=5c20d163-e387-4022-88cd-18eddc027341 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ&google_hm=XCDRY-OHQCKIzRjt3AJzQQ==

Request Chain 230

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKnIMwksKYPBi52-bZkShro&google_cver=1&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0snvJuXUOCBUPbE36UhXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0snvJuXUOCBUPbE36UhXA

Request Chain 231

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjfS9FBwrrh22pWRuAS0Wg&google_cver=1&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB4vGNPLPY-4eeX9PptwIkzuAkgQpdY HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjfS9FBwrrh22pWRuAS0Wg&google_cver=1&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB4vGNPLPY-4eeX9PptwIkzuAkgQpdY&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MT0FPTDlGRTJ1R28uREkzXzBzR25rd0gwcEhtQ2RlMH5B&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB4vGNPLPY-4eeX9PptwIkzuAkgQpdY

Request Chain 232

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECj8Kil4cpgl8vo9XXugXo0&google_cver=1&google_push=AZmPxg-5HT5IezY2TpaVTixtLT7U98nH9SBpJp60tK5Oo5Jq513Oedz_R4GJch29Z_uuknfZhneoqHY-qb0tyxduJnYnX7qf-hQ1Vw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg-5HT5IezY2TpaVTixtLT7U98nH9SBpJp60tK5Oo5Jq513Oedz_R4GJch29Z_uuknfZhneoqHY-qb0tyxduJnYnX7qf-hQ1Vw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 238

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 251

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=NdplynxSN3NETnIxcHFESUxlOXBIYi9tZmQvV1pCbGdTNDk1MkZkN1NQa0RCSFBEZnRtaTdjTDBvb2VRRVBFRUFSUHRwYkdjM1ZHL1V0THd1ck9lVGlNT3NYZXJscE9nNWJtSEtqWG1YV2hCTGphdjl4dGhQcExkdm1jS3hPM1g4bGpxcEVFdldtd0hQZWhXcDFRMXRSY0FiL0N3ckRCcWJjZzdsVXRNd1N1enAwSWFjUVlMeUJ0U0tESDMyQy9BamhtLzdvRlArZEp6RS9ERmlXY0xjZ0NWV0Q1Qmkxd1c4bEhBUVE4L1pOKzBKNytiMnUzckUwVmpVcXNJalMrOFE1RDVybEUxZXVSRGFPNXV2Q05ieXlZRzFUdz09fA&cppv=2

Request Chain 291

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=e-Ha23x6eDljUVFDVy9Ub3ZUekZYL0FyN0hhVWJ1VnBpK3JRM1NsUGtEeVRGMzVsQXdWWWp1UVI0SmQ5Ni9kdTFxenZ2U3djYy9RSGRrUGYxTXQxZmdBQk82WWNwczRCeDMvWU43dENmaDc3ejQrNW9rMzE2UW1lWTlqeEpGK0c3cVFJYXBEanVuNng2S2tFMDRkR2hCOUpSRWtINm1odzNUckx6cllndFo4TS8rOVc4SFN2VU9SY2sxWFJ0RnpJU0JYMk5WcHU2UVFzVlJ4eTgzNnlIS05LSitibDBLL2tWOEZnUDk5NGhidnBXcVc2dlQrM3dhaTlySUc2RmZ4UU9Qa2JoUlRmd2VCK09KSXpldnlaK1dkQldIUT09fA&cppv=2

Request Chain 302

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=45ca3c74-678b-4918-95e6-c8ef028dd655&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 308

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=d38ac7c2-fe8b-4d8e-a0b5-0a840d5d7bbf&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 309

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=54194878889895715481239663005364081405&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 311

https://bn01.er.bemail.it/zeotap.php?_bid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022110103-96008-0.644184001667268194-34302ddcf438d7446f283721ff1017bf&zdid=533&env=mWeb

Request Chain 312

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7160837614998714514&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 313

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f

Request Chain 314

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc2bec3a-868c-48f0-6de7-81e696dbe01f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc2bec3a-868c-48f0-6de7-81e696dbe01f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361&bounce=1&random=3922461127 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=vaSgT7zyOvEIl861PdNG0.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 316

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=cc2bec3a-868c-48f0-6de7-81e696dbe01f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=cc2bec3a-868c-48f0-6de7-81e696dbe01f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=815229a04c1d919d6733a65ed3cf76df&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 317

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-QLGZZJZE2orARm31IllLCmFmDw0FTobBqA--~A&zpartnerid=570&env=mWeb

Request Chain 318

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QKedJaQzZjTZTvmiQ52Zfnsb7yzzgCWp%2BS41iYitP1U%3D

Request Chain 322

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361&_test=Y2Bn3wAEpV5TEwAT HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2Bn3wAEpV5TEwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&_test=Y2Bn3wAEpV5TEwAT

Request Chain 323

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7ac96360-67df-4e00-bf7c-50dadb31b451&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 324

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 325

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&dcc=t

Request Chain 327

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 328

https://pixel.rubiconproject.com/token?pid=41544&puid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=L9XH02IL-I-DLJF&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 329

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Request Chain 336

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIvLrVNgBaSjY-s5zlnkoG8&google_cver=1

Request Chain 337

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlYSDAySUwtSS1ETEpG

Request Chain 338

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/LoHyztzcthogfysm-LCOZg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=69833414504542492

Request Chain 340

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8oPHZuFZS_2wh-Rct2WbLw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8oPHZuFZS_2wh-Rct2WbLw

Request Chain 341

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9XH02IL-I-DLJF

Request Chain 342

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Al5AVSFBQLe9BCC8yVkt7g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Al5AVSFBQLe9BCC8yVkt7g

Request Chain 343

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzVjY2NhODc3YTc5ZTFiZTIyZGFlNTBkY2ZkMWQyNGY4NDhjN2VmOQ

344 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1plus1.ua/
Redirect Chain

http://1plus1.ua/
https://1plus1.ua/

299 KB
68 KB

422ms
161ms

Document
text/html

195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e20727837a0d7fc6f004043d1bb7149b41aabd4916c2df92e8063166f96999ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Nov 2022 00:27:05 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 01 Nov 2022 00:27:03 GMT
Keep-Alive: timeout=15
Location: https://1plus1.ua/
Server: nginx

GET
H/1.1 200
OK desktop.css
1plus1.ua/build/css/ 136 KB
33 KB 160ms
83ms Stylesheet
text/css 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jun 2022 13:34:00 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 08 Nov 2022 00:27:05 GMT

GET
H/1.1 200
OK api.0.3.0.js Show response
1plus1.video/static/player/js/ 7 KB
3 KB 357ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/api.0.3.0.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 14:17:47 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 200ms
80ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

510a67c7668f715cc21c67f0e77b8c97a373cfa9607af40c4845368d0ab96451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55322
x-xss-protection: 0
server: cafe
etag: 18352042743712497735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H2 200 1d79fee5c596a263ba344458793c4fa7_1050x960.jpg
images.1plus1.ua/uploads/articles/001/136/941/ 110 KB
110 KB 687ms
402ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/136/941/1d79fee5c596a263ba344458793c4fa7_1050x960.jpg?v=1666691319
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9159428bbdf94520eb34b62eb8386900f829235ae8ff000ce0e98d67ab510144

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 25 Oct 2022 10:00:43 GMT
server: nginx
etag: "21c2dcc23fdd0f9a4f6201abab63d3c1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 112568
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e68384d983370cd82746164228c403c0_1050x960.jpg
images.1plus1.ua/uploads/articles/001/142/062/ 120 KB
120 KB 813ms
528ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/142/062/e68384d983370cd82746164228c403c0_1050x960.jpg?v=1666957553
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: dab13a8cb17fa9d4b5efdefdf72482ab876af6d2fca8a385be5522ada4351f06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Fri, 28 Oct 2022 11:45:56 GMT
server: nginx
etag: "96849bab93b41c67e555e1d2f318d385"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 122510
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d6798335e91c19f074b05ddcc5200b9f_1050x960.jpg
images.1plus1.ua/uploads/articles/001/137/496/ 82 KB
82 KB 690ms
406ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/137/496/d6798335e91c19f074b05ddcc5200b9f_1050x960.jpg?v=1666711843
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f97db90ab0f9f02be24766a9115e2267615d33fdbb33c11a7adfa93e073997bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 25 Oct 2022 15:30:40 GMT
server: nginx
etag: "c7e69b2a83da9a6f61997ec9bc74b456"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 83562
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 764b171687ae0471836b03bfd7b9dece_1050x960.png
images.1plus1.ua/uploads/articles/001/058/107/ 825 KB
826 KB 814ms
529ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/058/107/764b171687ae0471836b03bfd7b9dece_1050x960.png?v=1659528510
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9ca9ad42bb70335f6b682f2b753b9841e5b6cb16e2f947329ac804e79642b52d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Wed, 03 Aug 2022 17:55:49 GMT
server: nginx
etag: "c3037ff9b3eadaa02dca17194e4454d3"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 844759
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10a0d3f0e24ef3aa2a34ff913f690a6e_210x150.jpg
images.1plus1.ua/uploads/articles/001/119/553/ 6 KB
6 KB 689ms
405ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/119/553/10a0d3f0e24ef3aa2a34ff913f690a6e_210x150.jpg?v=1665417312
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 06117d058031007e84bc9e484f9f2628a9b19ace9b540db2c4698135b422599f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 10 Oct 2022 15:55:13 GMT
server: nginx
etag: "bbc7d1321bf7013b34b414858b4ffd9b"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5959
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 30ae8195becb9b5763fff538674c2f99_210x150.png
images.1plus1.ua/uploads/articles/001/118/455/ 54 KB
54 KB 811ms
527ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/118/455/30ae8195becb9b5763fff538674c2f99_210x150.png?v=1665175012
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ea8035cf546e48d6dbe535872b317ab8b18da59f06c6d4e3c5c55385e5290c01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Fri, 07 Oct 2022 20:36:52 GMT
server: nginx
etag: "d3661ee220c0d3690a15b25b1146ae21"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 55515
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5cf5911719a01aa7ffdb03c3a02ca9c2_210x150.jpg
images.1plus1.ua/uploads/articles/001/072/726/ 6 KB
6 KB 574ms
367ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/072/726/5cf5911719a01aa7ffdb03c3a02ca9c2_210x150.jpg?v=1660812928
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 000964868ff810134e60f5aa3193aabf2f64e9b090a68b033478e8bab34b4fde

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Thu, 18 Aug 2022 08:55:28 GMT
server: nginx
etag: "de48efea1a5b0277db6d00c9881a645c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6285
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a28986ebd9efe66d30e6196ccacb4816_210x150.jpeg
images.1plus1.ua/uploads/articles/001/043/788/ 5 KB
5 KB 367ms
160ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/043/788/a28986ebd9efe66d30e6196ccacb4816_210x150.jpeg?v=1658391779
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9af5074bc329f07b6df160aa97c505a31bdf72b72f8d7eca5ce99df3d18a3e42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Thu, 21 Jul 2022 08:23:01 GMT
server: nginx
etag: "93b9f6213bec6caf200c62aa1d201f63"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4973
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a4dbdc94bb8eddd9a19c927f8593753c_210x150.jpg
images.1plus1.ua/uploads/articles/001/105/324/ 6 KB
7 KB 366ms
160ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/105/324/a4dbdc94bb8eddd9a19c927f8593753c_210x150.jpg?v=1664109633
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8268cc4eade211432e35f62d594ee59ff26f6f6021b64538c8489a186047dc49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 25 Sep 2022 12:40:34 GMT
server: nginx
etag: "73145cc1e8ffdd7879f80ae2746727bf"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6590
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a2baf6cfc7516cfc2e4de61e71015b66_210x150.jpg
images.1plus1.ua/uploads/articles/001/143/481/ 7 KB
7 KB 608ms
401ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/143/481/a2baf6cfc7516cfc2e4de61e71015b66_210x150.jpg?v=1667136044
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e2f8f0706f69f653a48b540af3378965cb4f0fbbf874e5f791b33b7c0bbc592e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 30 Oct 2022 13:20:46 GMT
server: nginx
etag: "41a4bd0f40cb6d1168c1925428b4f6df"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7364
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c0ac7884033142e94b4b80cbd0ad22cf_210x150.jpg
images.1plus1.ua/uploads/articles/001/143/634/ 8 KB
8 KB 447ms
241ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/143/634/c0ac7884033142e94b4b80cbd0ad22cf_210x150.jpg?v=1667151585
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 89d04c60a83b0e4062f5ddeea8a2c3d6cb3ff5e60fff3fbf006d80e86342b102

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 30 Oct 2022 17:39:33 GMT
server: nginx
etag: "16e90d278b35b6499ba60259a5def972"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8408
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 efce6c130323f336106b86e14c3bc6d3_210x150.webp
images.1plus1.ua/uploads/articles/000/878/017/ 8 KB
8 KB 447ms
240ms Image
image/webp 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/878/017/efce6c130323f336106b86e14c3bc6d3_210x150.webp?v=1647092992
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 01fbf116f5bcf490079e6333880123c8cd746c42ef44fc2b1bb240d311d9dff9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sat, 12 Mar 2022 13:49:52 GMT
server: nginx
etag: "91eecbe58b3d02429956a53b107e07cd"
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8314
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a92a0a9fe2be8bc171c9cfd612c2c536_210x150.jpg
images.1plus1.ua/uploads/articles/001/144/660/ 7 KB
7 KB 3035ms
2828ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/660/a92a0a9fe2be8bc171c9cfd612c2c536_210x150.jpg?v=1667250067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d67ab679cc0597d1507ab7e3ca380654c0c1703e7b7f23bb64e2aeb7334e35e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 21:41:46 GMT
server: nginx
etag: "55017566d6901b5ec9e4851105282c98"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7210
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:31:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 778408260d4011f04faa01937b007905_210x150.jpg
images.1plus1.ua/uploads/articles/001/144/477/ 5 KB
6 KB 367ms
161ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/477/778408260d4011f04faa01937b007905_210x150.jpg?v=1667237939
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1d5c04551ea614f318af19f413651ec2757a876b3f8b37ff044b36f8f4bb8a82

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 17:39:01 GMT
server: nginx
etag: "97270e34418c50e436f5490cad33e1e2"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5609
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f7596b4c313fe7057393c809f9f47cbb_210x150.jpg
images.1plus1.ua/uploads/articles/001/144/387/ 7 KB
7 KB 287ms
80ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/387/f7596b4c313fe7057393c809f9f47cbb_210x150.jpg?v=1667231268
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3040f740229748b61c5290a2c1ec05f26bc8faab8420c6c7d665207d8f6ebdd2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 15:47:50 GMT
server: nginx
etag: "8236313aa88e9e9e9f36680db4241d44"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7432
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 67d7acde842e8e13c0dfe8736498de32_210x150.jpg
images.1plus1.ua/uploads/articles/001/144/204/ 4 KB
4 KB 368ms
161ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/204/67d7acde842e8e13c0dfe8736498de32_210x150.jpg?v=1667224005
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6c7a677511c0dd0ce9ec2e8d21319c91509a51ad6324583cf9d81d4f5612a9c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 13:46:45 GMT
server: nginx
etag: "13229a01e0bb39deea942a0f5b85721e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4343
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 187ms
70ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74f028a8bd902293c6b88b3b8881a0e4bdee455d6dd6b242595c29287f7afd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52341
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK app.js Show response
1plus1.ua/build/js/ 315 KB
112 KB 85ms
85ms Script
application/javascript 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 11:37:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 08 Nov 2022 00:27:05 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ 895 B
2 KB 360ms
99ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 2b54c7afbe0d946052c89c8413695163241374312b089f176b0f1ec360624445

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wrapper_hb_298309_4139.js Show response
player.adtelligent.com/prebid/ 2 KB
1 KB 185ms
57ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19297
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 03 Nov 2022 00:27:06 GMT
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Sat, 29 Oct 2022 21:37:23 GMT
server: nginx
etag: W/"635d9d13-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 263ms
80ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Tue, 08 Jan 2019 00:15:41 GMT
server: nginx
etag: W/"5c33ebad-e3b1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 204ms
63ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-11-01T00:23:33+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:58 GMT

GET
H2 200 hotjar-1437498.js Show response
static.hotjar.com/c/ 4 KB
3 KB 170ms
53ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1820cd4440179ec4ef016c7a8aed551449d2c9416e2b059cf9e0db182b97c876

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/83459b792c29dad5966f6c4eca5744f8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: Nuz3ZfB-pAtNDcvKWkfGJdZZrj-9T3PswbGiCOAguDiWivGEsmbLjw==

GET
H/1.1 200
OK 1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 82ms
82ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40500
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK 1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 38 KB
39 KB 162ms
162ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39364
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK 1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 159ms
82ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40576
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK dancingStars__slide.jpg
1plus1.ua/build/images/ 33 KB
34 KB 322ms
162ms Image
image/jpeg 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 09 Nov 2021 09:53:25 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34003
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK 1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 38 KB
38 KB 198ms
82ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 38848
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK 1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 43 KB
43 KB 278ms
161ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43528
Expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 9476628aa8f3aec77169149edb23192d.190x105.jpg
images.1plus1.video/card-6/oRGs5fDC/ 12 KB
12 KB 521ms
255ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/oRGs5fDC/9476628aa8f3aec77169149edb23192d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 30 Oct 2022 19:17:52 GMT
server: nginx
etag: "cbc9b8fe7616565197c3780b28c5ed67"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12419
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 6a42bf816f07e23224977bc63de9c2ae.190x105.jpg
images.1plus1.video/card-6/H2qwU8P2/ 12 KB
12 KB 430ms
243ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/H2qwU8P2/6a42bf816f07e23224977bc63de9c2ae.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 23 Oct 2022 18:47:38 GMT
server: nginx
etag: "cbc9b8fe7616565197c3780b28c5ed67"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12419
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 29a1581579575c25a7e1bcd10bcee847.190x105.jpg
images.1plus1.video/card-6/qC0UAIp2/ 12 KB
12 KB 287ms
161ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/qC0UAIp2/29a1581579575c25a7e1bcd10bcee847.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 16 Oct 2022 20:08:26 GMT
server: nginx
etag: "cbc9b8fe7616565197c3780b28c5ed67"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12419
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 4d5c7bb606c713935392ea609d5b1c3c.190x105.jpg
images.1plus1.video/card-6/ItKVh082/ 11 KB
11 KB 278ms
175ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/ItKVh082/4d5c7bb606c713935392ea609d5b1c3c.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9fd50ff5adfa6980aa1fc237090f90dd8896a569ae5ca746b8f3dda0141e9c85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 12 Sep 2022 07:14:53 GMT
server: nginx
etag: "5ef9b9c3f8b58fde2d3206a697ac6d92"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11238
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 518f4bdd4e9919ebfbe5f39cf4fc6e68.190x105.jpg
images.1plus1.video/card-6/nRAVAl42/ 12 KB
12 KB 347ms
256ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/nRAVAl42/518f4bdd4e9919ebfbe5f39cf4fc6e68.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ca6a9cd72673dc0ae21f623d3c5dd391e9e7bea54a3c97aeff7bf3cd07a79baf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Sun, 09 Oct 2022 15:08:50 GMT
server: nginx
etag: "03bde8c8f9be5f5c007bb30926df48a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12432
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 1856ms
1855ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35041
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:28:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240de918a00b0e609c0e7b5c81bbf561_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/440/ 47 KB
47 KB 1936ms
1935ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561_755x500.jpg?v=1661864391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Wed, 24 Aug 2022 13:50:30 GMT
server: nginx
etag: "9744b481d651c3f3984cba0f7a3e6af8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48053
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:28:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3b2dafe0170389d730ee64edf0bc44c0_755x500.png
images.1plus1.ua/uploads/gallery/001/079/449/ 487 KB
487 KB 2017ms
2016ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/449/3b2dafe0170389d730ee64edf0bc44c0_755x500.png?v=1661864454
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Wed, 24 Aug 2022 13:51:32 GMT
server: nginx
etag: "2b6d874276e6f9a3ad3348d97c110928"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 498264
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/413/ 57 KB
57 KB 2827ms
2826ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/413/8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg?v=1661864350
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Wed, 24 Aug 2022 13:47:57 GMT
server: nginx
etag: "7ca762a988131f5bcbcf50a820b85dc4"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 58142
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2cb1a102d69eac6570896b3c56145979_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/431/ 40 KB
41 KB 2828ms
2827ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/431/2cb1a102d69eac6570896b3c56145979_755x500.jpg?v=1661864431
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Wed, 24 Aug 2022 13:49:58 GMT
server: nginx
etag: "8a5cbe7c5cff07959609f169fdd6dfe6"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41463
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 2828ms
2827ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 30780
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 28171d2034538ff08ebe1197f24baf19_755x500.jpg
images.1plus1.ua/uploads/gallery/001/084/672/ 27 KB
27 KB 2828ms
2827ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/084/672/28171d2034538ff08ebe1197f24baf19_755x500.jpg?v=1661866110
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 30 Aug 2022 13:28:32 GMT
server: nginx
etag: "d9d3829ea7bc2f7aab70e5ad16f7984f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 27756
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 26 KB
26 KB 2828ms
2828ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 22 Feb 2022 11:41:33 GMT
server: nginx
etag: "1aa71e70bddf3967c0297a3b71f6dbc7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 26725
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 59 KB
16 KB 240ms
80ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15975
expires: Tue, 01 Nov 2022 12:27:06 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 279ms
80ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
139 B 257ms
80ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.34996396509536054
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
cache-control: no-cache
server: nginx/1.18.0
expires: -1

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 176ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

956d0cd637f8a1f31b4c91fcfa396bf8c715bb4f48607fca3e8f7486ff405811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 00:27:06 GMT
content-md5: NnUXb+Kl1n74lxQNORvVnA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: c3exK60RLGeueiKR6cuq4flxfuT89DGcEKXZKLWrvIJJcF7XSFRNlRFUUOm4pVO+wO9aDmzO5gFQW/L48s5pjw==
x-fb-trip-id: 917726464
x-fb-content-md5: 30e2ee5541325d08ed9416c5b5c65883
cross-origin-opener-policy: same-origin-allow-popups
etag: "f2562a76ba180676305333409eac3927"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 00:42:19 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 766D 11 KB
6 KB 125ms
121ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: ac386cc8192b5599a915edd828489b18d42b9e172a7a8767593dbd1010ee0d6a

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 00:27:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 a92a0a9fe2be8bc171c9cfd612c2c536_770x420.jpg
images.1plus1.ua/uploads/articles/001/144/660/ 31 KB
31 KB 464ms
321ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/660/a92a0a9fe2be8bc171c9cfd612c2c536_770x420.jpg?v=1667250068
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2313205280cfdb0e1efe40a5ca027634e9bb129bc9d0bbdae1d29270d12610c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 21:42:03 GMT
server: nginx
etag: "e8809b406d77ec6791bb80ea18f690ba"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 31990
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:21:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 778408260d4011f04faa01937b007905_490x1050.jpg
images.1plus1.ua/uploads/articles/001/144/477/ 51 KB
52 KB 384ms
241ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/477/778408260d4011f04faa01937b007905_490x1050.jpg?v=1667237941
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: fd8dbe0bbdcfc386ee8757b7eaa6ba2c04666ff77be23c2b56f587fca3eb2c5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 17:39:04 GMT
server: nginx
etag: "9e684cc1da9bedb69e943f9243ec6fca"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 52605
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:22:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f7596b4c313fe7057393c809f9f47cbb_770x420.jpg
images.1plus1.ua/uploads/articles/001/144/387/ 46 KB
46 KB 465ms
322ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/387/f7596b4c313fe7057393c809f9f47cbb_770x420.jpg?v=1667231272
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a32df95e0fa3d1b8880aa6b059b9ce90a6c38da623bcf3a66e3c09db8e89f9fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 15:47:53 GMT
server: nginx
etag: "6641bbcdafa1ba1a61acd4e8f0bb9700"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 47138
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 67d7acde842e8e13c0dfe8736498de32_770x420.jpg
images.1plus1.ua/uploads/articles/001/144/204/ 24 KB
24 KB 548ms
405ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/144/204/67d7acde842e8e13c0dfe8736498de32_770x420.jpg?v=1667224006
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9303fdeadc44a4a62adfe5ab47832aedf8eefcb904e2424f732e437d0972204b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 31 Oct 2022 13:46:46 GMT
server: nginx
etag: "3fdaa574a50e3da5d919f5be0e66b679"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24314
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:39:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 66 KB
67 KB 2577ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 10 May 2022 11:23:34 GMT
server: nginx
etag: "fc7e2658bd1f9868a872f0295e5ecce9"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 67985
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 13 KB
14 KB 2577ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 21 Feb 2022 15:10:07 GMT
server: nginx
etag: "b9d33f76e570821d980e3a7595b7f15a"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13745
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 13 KB
13 KB 2576ms
2574ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 07 Feb 2022 10:25:12 GMT
server: nginx
etag: "1e490b3e02de4533a0e0d3577347d4e7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13088
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 24 KB
25 KB 2576ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 07 Feb 2022 13:10:49 GMT
server: nginx
etag: "3b63edeebc085c7329eb132a56399239"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25029
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 29 KB
29 KB 2576ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 07 Feb 2022 09:11:08 GMT
server: nginx
etag: "a679dc9f06348d06073cc07e617ecdc8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29355
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 4 KB
4 KB 2576ms
2574ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 22 Feb 2022 14:11:56 GMT
server: nginx
etag: "f4a4cdc50a9738d9bf7bef45569acf60"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3652
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:53:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9da3f01e570b8a62d591bb08b3891fd5_140x140.png
images.1plus1.ua/uploads/articles/001/133/830/ 24 KB
24 KB 2576ms
2574ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/133/830/9da3f01e570b8a62d591bb08b3891fd5_140x140.png?v=1666378682
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Fri, 21 Oct 2022 18:58:02 GMT
server: nginx
etag: "464c857a9953e9f8e069a81472c26686"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24216
x-1p1-cdn: HIT; Wed, 26 Oct 2022 01:36:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg
images.1plus1.ua/uploads/articles/001/097/878/ 4 KB
4 KB 2577ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/097/878/3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg?v=1663315728
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Fri, 16 Sep 2022 08:08:48 GMT
server: nginx
etag: "b4913e8e033cc5b9ac53b225d1b3edba"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3766
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f8e670099b35be64983f9897f4e6bdb6_140x140.jpg
images.1plus1.ua/uploads/articles/001/037/671/ 5 KB
5 KB 2577ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/037/671/f8e670099b35be64983f9897f4e6bdb6_140x140.jpg?v=1657801679
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Thu, 14 Jul 2022 12:27:59 GMT
server: nginx
etag: "fa8d98c12377f81bc679bc80f4f69816"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4707
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e0986beb47e21ded981cc0f92685e782_140x140.jpg
images.1plus1.ua/uploads/articles/001/029/724/ 5 KB
5 KB 2577ms
2575ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/029/724/e0986beb47e21ded981cc0f92685e782_140x140.jpg?v=1657181867
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Thu, 07 Jul 2022 08:17:48 GMT
server: nginx
etag: "97395a5ea5b286a352afe6c2cef41eef"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5025
x-1p1-cdn: REVALIDATED; Mon, 31 Oct 2022 23:57:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 13 KB
13 KB 492ms
241ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 15 Jun 2021 14:24:39 GMT
server: nginx
etag: "a87fa4df91a2dc0e28d9c245f9b31a56"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13066
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 11 KB
12 KB 160ms
158ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 15 Jun 2021 14:24:45 GMT
server: nginx
etag: "2e74435d3edf5310a445de62177853fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11649
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 9 KB
9 KB 162ms
160ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 01 Jun 2021 10:56:33 GMT
server: nginx
etag: "5df517d83b1757de3cf407fdcd55b5a0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9392
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 8 KB
8 KB 161ms
159ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 01 Jun 2021 10:56:41 GMT
server: nginx
etag: "7ea4a7d31c835975e1e8be8db6f4f88c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8104
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 10 KB
10 KB 161ms
160ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Tue, 01 Jun 2021 10:56:28 GMT
server: nginx
etag: "c134988e94035ff0ee6cd435dde2c1e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10297
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 08 Nov 2022 00:27:06 GMT

GET
H2 200 hbw_master_298309_4139.js Show response
player.adtelligent.com/prebidlink/19297/ 126 KB
32 KB 81ms
81ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19297
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 5db6b320697dc25d8ecd8bf7c14ba9ecdc862c2f2861e4b0e4c57c1095ff4123

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 03 Nov 2022 00:27:06 GMT
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 22:32:55 GMT
server: nginx
etag: W/"63604d17-1f971"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hb_298309_4139.js Show response
player.adtelligent.com/prebidlink/19297/ 352 KB
109 KB 144ms
144ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19297
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 03 Nov 2022 00:27:06 GMT
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:05:27 GMT
server: nginx
etag: W/"635fba07-580bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 191ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faaa1e6ed6644a1d0f2e847214536e9a7743d5967265095806f2a2c875f021a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27362
x-xss-protection: 0
server: sffe
etag: "1380 / 971 of 1000 / last-modified: 1667254048"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 766D 171 KB
26 KB 161ms
160ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:05:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:09 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 766D 198 KB
69 KB 323ms
161ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 766D 109 KB
43 KB 171ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9ac329fa423fec0dafb06ca2338461247df25ca15d472629042140c4b4494a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43657
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H2 200 modules.5a17f10e21dd3fd3b841.js Show response
script.hotjar.com/ 254 KB
65 KB 189ms
61ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 478140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66091
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
etag: "f784e2f70f455f7e613fcb9f757607c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rH0mz2GKWBDTnseIBjc2hPdbkPWm9GfeAUOUEqW1bVDgzEby7eQymQ==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 354 KB
116 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9111367348737651&plah=1plus1.ua&bust=31070591

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d7642cae4647b8595bc8fefc8dfe9b7b33ddc5e1f0656145391684f33e7e91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119027
x-xss-protection: 0
server: cafe
etag: 16591537464812586840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/ Frame 9F31 10 KB
5 KB 172ms
53ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 15493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 20:08:53 GMT
etag: 9671129459699598864
expires: Mon, 14 Nov 2022 20:08:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Oct 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 01 Nov 2022 01:15:54 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ 108 KB
33 KB 160ms
160ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:58:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:26 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 8EDC 738 B
519 B 58ms
57ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 01 Nov 2022 00:27:06 GMT
etag: W/"63049f42-2e2"
expires: Thu, 28 Sep 2023 18:10:45 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-09-27T18:10:45+00:00
x-id: fr5-up-gc17

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 60ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-10-24T15:54:38+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 25 Oct 2023 15:54:38 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 66ms
66ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-10-10T16:02:08+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 11 Oct 2023 16:02:08 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 156 B
421 B 168ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8aadc28b0ec405daf1cbb1351e19deb8febabe27bf62dcf1a6a3610558bcc7b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 156

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 168ms
44ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=xh01jm.dz&features=147488&vpbv=G094&tte=189&lifecycle_tte=2623
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame 72AF 2 KB
1 KB 189ms
56ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1178100
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-id: Tc92krc4c0BMAIwM7r4zjGbTYV7qLsrKjB-GXfZyROC33A-GiVPbkQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 86ms
85ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=019505&h=0&m=27&s=6&url=https%3A%2F%2F1plus1.ua%2F&_id=f350f20af2a28801&_idts=1667262426&_idvc=1&_idn=0&_refts=0&_viewts=1667262426&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=242

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
695 B 177ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-9111367348737651&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9111367348737651&plah=1plus1.ua&bust=31070591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac9e7a910eb3c1e04b1e33f6eb96658cf89201ec223486602a9f43067b9999c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 192ms
63ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 184ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70C8 603 B
68 B 185ms
75ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1667262426&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667262426287&bpp=3&bdt=673&idt=176&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895525732207&frm=20&pv=2&ga_vid=597971806.1667262426&ga_sid=1667262426&ga_hid=735077822&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070591%2C44770881%2C44775017&oid=2&pvsid=1227449208457138&tmod=1051790005&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:06 GMT
expires: Tue, 01 Nov 2022 00:27:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 647 B
655 B 44ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437381&aid2=638043
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 69b16b648d02a645b4aad53a7eb20a8638158fafd0b0554bc2757fd488c20ef9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 351

GET
H2 204 /
csync.loopme.me/ Frame 34C9 0
0 240ms
61ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
server: _

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 9CB8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=7b230a4d-f150-49ae-9c8c-dea6b5193477

0
404 B

348ms
190ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=7b230a4d-f150-49ae-9c8c-dea6b5193477
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Tue, 01 Nov 2022 00:27:06 GMT
Etag: 34fa9bb1250860b7
Server: Adtelligent

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Tue, 01 Nov 2022 00:27:07 GMT
Location: //sync.adtelligent.com/csync?t=a&ep=736011&extuid=7b230a4d-f150-49ae-9c8c-dea6b5193477

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=51099579-03a4-4233-a003-f27fec6d79e1

0
404 B

409ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=51099579-03a4-4233-a003-f27fec6d79e1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Server: Adtelligent
Etag: 34fa9bb1250860b7
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=51099579-03a4-4233-a003-f27fec6d79e1
date: Tue, 01 Nov 2022 00:27:06 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 166ms
55ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 01 Nov 2022 00:27:06 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
393 B 76ms
75ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 3d7c1ec30fd8a803e1b0a4982741effc2ef61bb2ef1027d7dc6e9f40ef1c6821

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 278
expires: Thu, 01 Dec 2022 00:27:06 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 2284 5 KB
3 KB 243ms
77ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 0556670f2e246937b87a4a5d3e555ed5a84e1fae9b00b64cf163e62b651a3273

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2715
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:06 GMT
etag: PRIVATE7520710249
expires: Thu, 01 Dec 2022 00:27:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 766D 898 B
2 KB 211ms
93ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1667262426650
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: dff77cfb9ac7c3a3909dfc65176f8b1882d9dead5bbdea9442520101a41d4d11

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 766D 134 KB
50 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ad588d3ad3a602e78de01339111071be57aa24e237a1954114cdc91e406d0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51044
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 766D 49 KB
20 KB 119ms
72ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Oct 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 01 Nov 2022 01:15:54 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
86 KB 118ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=f8e3a5f11f35c992168f50ba318e7f62

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e3d6bd30950156d2002981b0cde40ae548239fbe542c8c78d306a6855808c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 00:27:06 GMT
content-md5: K8DYbHvpgn2ydc5Zrk0miw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88521
x-fb-rlafr: 0
x-fb-debug: bYUk+z6Xz0VbEb0YQtEul98dwE1Z+dEtPV3RARyaWjdM4d6IglT9wfov5UYoez/2zpzDK+UnzbTrg19fOSCXlg==
x-fb-content-md5: 9ac333d40d690fa2224f19f4fa15afc0
cross-origin-opener-policy: same-origin-allow-popups
etag: "58fff97e3fd525ad89d60abafeb59327"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 31 Oct 2023 22:22:13 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 81ms
80ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
last-modified: Mon, 02 Jul 2018 17:27:00 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5b3a6064-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ 56 KB
9 KB 119ms
82ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t800211606630
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:27:06 GMT

GET
H2 200 pubads_impl_2022102601.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 179ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130414
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:37:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Oct 2023 22:01:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
742 B 185ms
63ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Tue, 01 Nov 2022 00:27:06 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 925 B
997 B 190ms
65ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ddf0ee067c1ada86d598fecb917f2725e2430d9104a013bd7cdc41956f499cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 00:27:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=735077822&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1947436644&gjid=721985170&cid=597971806.1667262426&tid=UA-22507043-9&_gid=509638379.1667262427&_r=1&gtm=2wgaq0PWKM5Z&z=1980398787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 166ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=735077822&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAACAAI~&jid=784446800&gjid=229146760&cid=597971806.1667262426&tid=UA-113262294-1&_gid=509638379.1667262427&_r=1&gtm=2wgaq0PWKM5Z&z=1526719224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame 16EE 3 KB
1 KB 81ms
81ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 01 Nov 2022 00:27:06 GMT
etag: W/"5b31038d-b5f"
last-modified: Mon, 25 Jun 2018 15:00:29 GMT
server: nginx/1.18.0

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 766D 108 KB
33 KB 82ms
82ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1667262426650
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:58:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t800211606630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1667262426902/
Redirect Chain

https://gaua.hit.gemius.pl/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1pl...
https://gaua.hit.gemius.pl/__/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
472 B

134ms
134ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UohxqwoqZgQONEmI_1fN9NcMX1Jqc6VHxQnROfiWBc3.g7FxvRHVyhyO4FaHB55xdXunwB3RM3onrtyHpMTCsc09Vbk8/zaYAbMs1e2cgX/&ltime=270&fpdata=-TURNEDOFF&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 33d458c06f21278be5a8d16ceb5b942960c830e8366a5e88a1b83ab3c752fec0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 31 Oct 2022 00:27:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:06 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1667262426902/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UohxqwoqZgQONEmI_1fN9NcMX1Jqc6VHxQnROfiWBc3.g7FxvRHVyhyO4FaHB55xdXunwB3RM3onrtyHpMTCsc09Vbk8/zaYAbMs1e2cgX/&ltime=270&fpdata=-TURNEDOFF&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 31 Oct 2022 00:27:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 167ms
55ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22507043-9&cid=597971806.1667262426&jid=1947436644&gjid=721985170&_gid=509638379.1667262427&_u=YAhAAEAAAAAAACAAI~&z=1716649842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 01 Nov 2022 00:27:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 174ms
58ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1667262427011&sw=1600&sh=1200&at=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Nov 2022 00:27:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ 431 KB
162 KB 178ms
55ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed06e73814fadd7be93a06ef2280cc628f0925ae2b57ea90ea1454dccb3f2a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165650
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 23:23:29 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 283ms
81ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=278801B9BE48404ABDB5F89EC68CCD84&time=1667262426745&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=950849806&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=3&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Nov 2022 00:27:07 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
230 B 81ms
81ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=278801B9BE48404ABDB5F89EC68CCD84&time=1667262427018
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
cache-control: no-cache
server: nginx/1.18.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 766D 56 KB
9 KB 82ms
82ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t168840745213
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:27:07 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 766D 925 B
605 B 176ms
65ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ddf0ee067c1ada86d598fecb917f2725e2430d9104a013bd7cdc41956f499cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 171ms
57ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a29155b9206d1714980c090e73da1db9253f7f63ec76cf7bc445ebf5ce5ff0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Thu, 03 Nov 2022 00:27:07 GMT
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:01:11 GMT
server: nginx
etag: W/"635fb907-117a"
content-type: application/json
access-control-allow-origin: https://1plus1.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 174ms
64ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 171ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 148 KB
46 KB 506ms
397ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1227449208457138&correlator=599062418555148&eid=31068458%2C31069102&output=ldjh&gdfp_req=1&vrg=2022102601&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-38&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D80224a7f334433cc-22e28a3160ce0018%3AT%3D1667262426%3ART%3D1667262426%3AS%3DALNI_MZtcMiZylrBziNgRLiTAv9RRIweDA&gpic=UID%3D00000b7ac531850e%3AT%3D1667262426%3ART%3D1667262426%3AS%3DALNI_MbmXoCkJITrKJUf2kby6vjGqOhdLg&abxe=1&dt=1667262427161&lmt=1667262427&dlt=1667262425613&idt=1510&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=597971806.1667262426&ga_sid=1667262426&ga_hid=735077822&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f520a34c66a363901b2a30157a5dba433244a6e09870d6b664c91235b8c6898d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46644
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56EC 6 KB
4 KB 191ms
61ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:07 GMT
expires: Wed, 01 Nov 2023 00:27:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022102601.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 162ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022102601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1c813e41d243acc58a5593c49d25c9ebe9e0d54719eaef7c74356fb8cf491b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:37:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Oct 2023 14:33:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 766D 5 KB
667 B 172ms
63ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t168840745213

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 23:49:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 81ms
66ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=597971806.1667262426&jid=1947436644&_u=YAhAAEAAAAAAACAAI~&z=1619100251

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 181ms
67ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=597971806.1667262426&jid=1947436644&_u=YAhAAEAAAAAAACAAI~&z=1619100251

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 415ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
271 B 179ms
58ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:07 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 311ms
67ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=72895984953

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x25...
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x25...

585 B
995 B

50ms
49ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=408f6601-ecb6-4af4-bbcc-a6d761b8f936
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2c06019216613db509def3fdf03611d0872be7b436a496a3e3b38cccda1074ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 01 Nov 2022 00:27:07 GMT
date: Tue, 01 Nov 2022 00:27:07 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 585
x-sid: AMS-927

Redirect headers

date: Tue, 01 Nov 2022 00:27:07 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.20107060748753902&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=408f6601-ecb6-4af4-bbcc-a6d761b8f936
access-control-allow-origin: https://1plus1.ua
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-927

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 361 B
462 B 45ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6f1888ff3a407245f99c95e97c42cf1f277c74ba57e9da1bea859673c14ec573

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 158

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 422ms
108ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 168ms
53ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:07 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
249 B 79ms
79ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:07 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
524 B 207ms
85ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

db202f76af84d270dd19fc6ffb8acb88e6a08c7731245df6ba7657bb842185ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 310ms
77ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=45697484430

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Nov 2022 00:27:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 191ms
60ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 1002 B
1 KB 175ms
57ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

1789f8692d19384cf21c4dc0e5455627d80568d08a0d6d810868898e95a2cf88

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://1plus1.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 1002
X-Xss-Protection: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 330ms
140ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=c52f1dfa-47f4-414c-a463-49fb819657c0&l_pb_bid_id=642be6755c8af0b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.2443011928911838
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: af3ccce7eec1e4d879d5ed4b43883048a15da8808c54807c16cf93db1468e233

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 341ms
152ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=d125d029-feae-41db-a102-d3b5a7054aca&l_pb_bid_id=6595b1b170e61c7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&slots=1&rand=0.49791112030282436
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fa2325c9f7f2e0c8ecd37540af5a0cd6aef47c860aac1353a95916613db5ee14

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 334ms
144ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=12ccd157-2cd4-494e-ab67-0adc08f5736f&l_pb_bid_id=6651d053df0f91f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.36576856503732325
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 739bb3e5a04b679b6f2615fa83ca3c7cc1a3290d41690a2a99e84538653efb96

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 334ms
144ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=3b787354-0dba-4eb0-aaca-e965517177b4&l_pb_bid_id=67b6cbaee5545cd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&slots=1&rand=0.31213622411475184
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d007814f8a5cda7fd744b2ac5920e597d7698fd8c51b346c3f758443d6fb53e3

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
1 KB 328ms
139ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=c52f1dfa-47f4-414c-a463-49fb819657c0&l_pb_bid_id=70a3981f25672ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.701176599503786
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b4ad7cd05cc4a3202425d647834a173bbe5c489b536033151b8833868c9f1d7b

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 325
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 333ms
145ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=d125d029-feae-41db-a102-d3b5a7054aca&l_pb_bid_id=71fec514480f9a5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&slots=1&rand=0.3508337315727543
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 56d823d32d7d2605f51fa1db7991959a2b526769ef715765b9bbd457f0801fff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
6 KB 485ms
159ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=12ccd157-2cd4-494e-ab67-0adc08f5736f&l_pb_bid_id=7204f8e2b34b8e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.34829744113450767
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 22371ffd20e777e20be50d9e36018a97a1ce756d3dd8c0e16b6d6a573952c1f2

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4765
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 478ms
150ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=408f6601-ecb6-4af4-bbcc-a6d761b8f936%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=3b787354-0dba-4eb0-aaca-e965517177b4&l_pb_bid_id=7386bc24f9035e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-01567274115&slots=1&rand=0.8854112486887367
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44e004ddc97e11bdf48fc68053b6b6de75758f299513d038a03292fa4cbd1f38

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 4 KB
761 B 157ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cecfb613fd6df059e2ac80331b7556a6288f7024c86ba72541ac543285c1a99c

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 457

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 3 KB
712 B 150ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 99d1e934527821ec4565fa08b939965c4b7c61eb70aa554096056a72c3d238b1

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 01 Nov 2022 00:27:06 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 408

POST
H2 200 i Show response
ads.adnuntius.delivery/ 7 KB
2 KB 347ms
243ms XHR
application/json 172.67.137.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084f902dc8bb5540b364d3a76d6e4a8500c81f796ed3863b310914d97e138d80

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 44fcc3f58d124c6ff3a0eee2b9170a4d
x-adn-backend-server-id: f783ec92
content-length: 1235
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAN9Sk1m6%2BIuB1m6j60G4tUcdm%2FYMQBkPiWqybjbo5IJN%2FPRdHQxCpyZQlQV5QPCmpNCU4KyGN9CIT7EOjA12HXKz27LFPJltBwjxaFO2DcEsCR4zdiCwWbC6TbcnYErDa6EFTwRGK%2BY"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 763080baffebf3e7-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
372 B 191ms
66ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c52f1dfa-47f4-414c-a463-49fb819657c0%2Cd125d029-feae-41db-a102-d3b5a7054aca%2C12ccd157-2cd4-494e-ab67-0adc08f5736f%2C3b787354-0dba-4eb0-aaca-e965517177b4%2Cf57562c7-7a53-4cf4-a4b0-7d187859acc6&nocache=1667262427231&pubcid=408f6601-ecb6-4af4-bbcc-a6d761b8f936&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-01604791960%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-01567274115%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-01567274115%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-01567274115%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 648ece77ac36bc6cfc0ffaa15d26816babc465309f139f1ccbd125ba35bfda1e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://1plus1.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame 766D 431 KB
162 KB 164ms
55ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed06e73814fadd7be93a06ef2280cc628f0925ae2b57ea90ea1454dccb3f2a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165650
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 23:23:29 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 766D 153 KB
53 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 13:06:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:22 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 766D 475 KB
476 KB 109ms
109ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 486113
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
DATA 200
OK truncated
/ Frame 766D 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 766D 26 KB
26 KB 247ms
132ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:00:18 GMT
x-content-type-options: nosniff
age: 19609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:00:18 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 766D 44 KB
44 KB 169ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 20203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 18:50:24 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 766D 22 KB
6 KB 77ms
77ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 04cce6955ada56b8cb7ddf75ad86e59ef6ae2137c25bf04bcfa210434ed723fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 6043
expires: Tue, 01 Nov 2022 12:27:07 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 766D 1 KB
1 KB 102ms
101ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t421057251343
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a14baa265896ab752d86a101a2d088176b66d5e2a900d614cd4d42f9caddbf48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 container.html Show response
05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F85 6 KB
3 KB 164ms
54ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:07 GMT
expires: Wed, 01 Nov 2023 00:27:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 64ms
64ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 246 KB
48 KB 384ms
384ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1227449208457138&correlator=3251233710022186&eid=31068458%2C31069102&output=ldjh&gdfp_req=1&vrg=2022102601&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C3816035715%2C3836652839%2C3007370435%2C2198103003&sfv=1-0-38&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D80224a7f334433cc%3AT%3D1667262426%3AS%3DALNI_MYpBG2U19kwyw3pkaP-HQBk7NttiA&gpic=UID%3D00000b7ac531850e%3AT%3D1667262426%3ART%3D1667262426%3AS%3DALNI_MbmXoCkJITrKJUf2kby6vjGqOhdLg&abxe=1&dt=1667262427746&lmt=1667262427&dlt=1667262425613&idt=1510&adxs=299%2C983%2C315%2C983%2C80&adys=640%2C2328%2C4348%2C4875%2C1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=597971806.1667262426&ga_sid=1667262426&ga_hid=735077822&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb03b7ea6637a065b1e4ac9479dc26d8fe41f649049c5ee843f107cdd9a6c867

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPCgiMbci_sCFViQ_QcdbMkIEg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12231767363623583744/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPCgiMbci_sCFViQ_QcdbMkIEg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12231767363623583744/index.html
date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48720
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 766D 57 KB
15 KB 79ms
79ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 884fbe47181d1a3dfb98a437776de4a42eb76d4ef1686b05d8642c8189caf6ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15451
expires: Tue, 01 Nov 2022 12:27:07 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 766D 33 KB
13 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 766D 370 KB
124 KB 191ms
70ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab659f3b8c832932b95844fe1945e22b637f9650ed46c1713dc23af760d99b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126790
x-xss-protection: 0
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 766D 77 KB
78 KB 165ms
163ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 79302
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 766D 82 KB
83 KB 164ms
163ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 84258
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 766D 84 KB
84 KB 163ms
162ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 85922
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 766D 91 KB
91 KB 161ms
160ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 93213
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 766D 73 KB
73 KB 162ms
161ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 74890
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:07 GMT
expires: Tue, 08 Nov 2022 00:27:07 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 766D 281 B
354 B 76ms
76ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: fa6234a2a0b074fbb5bb0f1922edd5b9e0479a346756cc12e8851dad31c2a08f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:07 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 281
expires: Thu, 01 Dec 2022 00:27:07 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1517 5 KB
3 KB 77ms
77ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 47f2f511eb3c1e2028fdcfa65dafc9618b44a9e6d7cae366a054b5fe79892965

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2717
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:07 GMT
etag: PRIVATE7520710249
expires: Thu, 01 Dec 2022 00:27:07 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 css2
fonts.googleapis.com/ Frame 2F85 4 KB
636 B 69ms
69ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:07:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EED4 8 KB
895 B 71ms
71ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 00:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 23:38:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 00:27:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame EED4 2 KB
847 B 225ms
109ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:44:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame EED4 23 KB
10 KB 168ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 17:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 17:29:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame EED4 3 KB
1 KB 224ms
110ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 19:26:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame EED4 17 KB
7 KB 175ms
61ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 18:55:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EED4 0
0 63ms
62ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcvCk0QJ6uMmKP621chUPCW5Wy7E1zj8LFaLuHv1mxgdAj75aokpLhD6RYXHS7FyPreGgY47O2ImUXz-uPhedhY2TnPQ
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EED4 153 KB
47 KB 176ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 00:27:08 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame EED4 33 KB
14 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 2F85 19 KB
8 KB 179ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 01:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 01:02:44 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F85 205 B
229 B 165ms
59ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:04:32 GMT
x-content-type-options: nosniff
age: 4956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Oct 2023 23:04:32 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F85 604 B
628 B 167ms
62ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:23:31 GMT
x-content-type-options: nosniff
age: 217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Nov 2023 00:23:31 GMT

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1667262428038/ Frame 766D 2 B
225 B 76ms
76ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1667262428038/redot.js?l=107&sendf=0&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1667262428186%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fl%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=1gYVHrMi77xl6N3HnkYT_vjtrTOCQdtaKR.ewZ_26A7.q7lc.ZmXVxYKxA1PiD9V4Jrw9Ju9ZCQHqSdMkahWrw59Y747/RetajQ9ApWXdC/&ltime=125&fpdata=TowbwhwKc.LiT9sN4ohHQVkeh2NCZtryhS3jzPiSg_H.Y7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=&fpsec=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Mon, 31 Oct 2022 00:27:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DC5 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 46996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Tue, 01 Nov 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.542.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame 56BE 688 KB
222 KB 164ms
55ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553e40559d22cced1be4a2e0e70df8dfe60d6b9fdfc0fbe8916b88f44e621703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 385243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227082
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:26:25 GMT
expires: Fri, 27 Oct 2023 13:26:25 GMT
last-modified: Thu, 27 Oct 2022 13:17:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 766D 44 KB
17 KB 184ms
62ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 00:27:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 766D 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210191347000/ Frame 91B8 221 KB
61 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61564
x-xss-protection: 0
server: sffe
etag: "84cdcac007f64412"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 91B8 14 KB
5 KB 343ms
226ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5198
x-xss-protection: 0
server: sffe
etag: "aeb1502543fb438c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 91B8 94 KB
28 KB 344ms
227ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28845
x-xss-protection: 0
server: sffe
etag: "fdb7364f8f067758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 91B8 5 KB
2 KB 354ms
237ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "9f4a70ec77acc0d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 91B8 40 KB
13 KB 355ms
238ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "2923b90bb7365105"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
DATA 200
OK truncated
/ Frame 91B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3045c3edcdd198c247fa9fcd857e86de21b6245c9d60b4de84691c6a51f98d7d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 91B8 3 KB
3 KB 191ms
78ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 73022
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 91B8 344 B
368 B 193ms
80ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 73023
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:05 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6519882007862690039/ Frame 91B8 5 KB
5 KB 218ms
106ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6519882007862690039/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqAIQmwEYASABLQAAAD8wqAI4mwFFAACAPw&rs=AOga4qnZ0eBOEOAfNPwvye7J8vzQcQF2lg

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bb34dd987c304c3a34018db4c26b9cc33b81f151380e0dfd3cf76fdd5682c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 12:27:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 00:27:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 91B8 0
0 100ms
99ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHRIK22dgY67HMtig9u8P7JKjkAGYtvzRbKC9zMnwEJWL9OCyNhABIP3_hSNglQKgAezAo4kDyAEGqQKZxuqNUJGwPuACAKgDAcgDCqoE4AFP0DnUGE31_rkO2ps0TJZvchPQJGsmRQDCqAgjU9oRftgx43QFl5OrtusklpRjLl1iHrmmAONUwrUhVV42ZZqORVuTukPPusxVTRSVB-C1tyswDmJbzgovAXOR-POLtU9HW9iC2SlOcF9H0R0mM88Hq_Hb4_ar3SgTCUcdqKBNbKj7OxGcGKUAZUtBGXH81hVwnasD6V1xVH838mhNl7mnxwvJ8qepd19E-7HWVC09DK-FZasD8MABHsp5UqKdfsRUtD9JXlLoEurXG0oAjHbXdYtBhBzT7TPrklYxAX3EtMAE55vsvJEE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_y-3HaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCL6wnSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=uv2UsMlt4-I&uach_m=[UACH]&template_id=492
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 91B8 0
0 62ms
62ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBGT09ZGcBJ2K2N4wDfIQlz383GD3GVDWQq9slkJOGpcnq_9NhBIeD9VZ4TgG4OPLONsQ13yMEy4G9dHdeK0vpWdvDbQ
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210191347000/ Frame 5102 221 KB
60 KB 254ms
148ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61564
x-xss-protection: 0
server: sffe
etag: "84cdcac007f64412"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 5102 14 KB
5 KB 220ms
219ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5198
x-xss-protection: 0
server: sffe
etag: "aeb1502543fb438c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 5102 94 KB
28 KB 222ms
221ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28845
x-xss-protection: 0
server: sffe
etag: "fdb7364f8f067758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 5102 5 KB
2 KB 231ms
230ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "9f4a70ec77acc0d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 5102 40 KB
13 KB 231ms
231ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "2923b90bb7365105"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5102 3 KB
3 KB 156ms
54ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 73022
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5102 344 B
368 B 157ms
54ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 73023
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:05 GMT

GET
DATA 200
OK truncated
/ Frame 5102 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cae0888d182090cd46aea1e1aeab2cbac4c17498c4991b7a7a844e782de4bd69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 12618499531751353883
tpc.googlesyndication.com/simgad/ Frame 5102 33 KB
33 KB 158ms
58ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12618499531751353883?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmKGNjwurw_q76NiARk2P_b4c4DCQ

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06ae86bad7a5dc6524f96287659be74b4fc8cd5e6ecf401f3a9fcce0851b0432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:27:57 GMT
x-content-type-options: nosniff
age: 3551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33968
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:12:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 31 Oct 2023 23:27:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5102 0
0 62ms
61ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfEdtmxjv0pDCChno_e8QTbaRA2FjWUYUyQf-mCxlSlNvDmKesASKSXk_a3esukgCGiSwpb27D-MKtOKp02WHNd90wkg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5102 0
0 123ms
123ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-dJN22dgY6_HMtig9u8P7JKjkAHE9svAbNKF4fiCEI_xktT0MhABIP3_hSNglQKgAcW5ruADyAEC4AIAqAMByAMIqgTjAU_QVvIEQ0T-Oo-Jkx2dzLo06h_rKNtH4KYwyiT8JOjSQeEtYb7LJfMRq1H42IcF5gBIduy2ucXXigaRcS0gcY-y6HP9P4JK8ueGZxjV1siK5laHhxA0vw78Juft82WUfHg7Sl-y9AWSHovm0PJe_8LoZL8G2VaSKrDnOlBlJDvkP2Je453RObOnJQmcxs2w4whPYPjfuGCt9omf2D3SMlvfH1S7K6s9CP8ZRHjG3x7x-KseX09fNwhq6QewR45KkjzRJGGRQTetPEcqPVLy85XG3J0bf2WwdGkdDDizoek3GmLSwAShjdepmwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHyu74XqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMTYAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=YqMCnYofz8A&uach_m=[UACH]
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210191347000/ Frame 03F5 221 KB
60 KB 271ms
175ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61564
x-xss-protection: 0
server: sffe
etag: "84cdcac007f64412"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 03F5 14 KB
5 KB 235ms
234ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5198
x-xss-protection: 0
server: sffe
etag: "aeb1502543fb438c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 03F5 94 KB
28 KB 236ms
235ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28845
x-xss-protection: 0
server: sffe
etag: "fdb7364f8f067758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 03F5 5 KB
2 KB 244ms
243ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "9f4a70ec77acc0d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 03F5 40 KB
13 KB 245ms
244ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 31 Oct 2022 17:11:32 GMT
age: 26136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "2923b90bb7365105"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 17:11:32 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03F5 3 KB
3 KB 175ms
81ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 73022
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 03F5 344 B
368 B 175ms
81ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 73023
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Nov 2022 04:10:05 GMT

GET
DATA 200
OK truncated
/ Frame 03F5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c363c65f00f76d85000739582e951ff475d3a8c8762627ef6021a8bdb84fd0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5432323396964976555
tpc.googlesyndication.com/simgad/ Frame 03F5 24 KB
24 KB 334ms
241ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5432323396964976555?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkV97Np1Fl-WxslWUJH8DzB8nXeuw

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6401d27645c0348bb7e42ce0efbafd5a060a2e1c8d03cb8640c687406de56379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24695
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:12:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 00:27:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 03F5 0
0 255ms
255ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuCb822dgY7LHMtig9u8P7JKjkAHE9svAbKKG4fiCEI_xktT0MhABIP3_hSNglQKgAcW5ruADyAEC4AIAqAMByAMIqgThAU_Qp9s2PIAId-2dvRcNgWMKStxY9J08ZY21RMEPyETJm3w-RJXNyGF6eKGD5zW9bcZ_6kLj4vS4s_S9FI9QmW3g-uMbdtta0E1Zmxm251XxtaQq5k0JG-7UPjt5BKMM_x5QNY51zNLbI9R0gX7tvDi347npV0SjOvUB83GlMprP8bXDs6j3aj9AyuBEblYKvHlzhwihVEUKq_p2iHDOTTctascJuFHhN5hZoRyt9vmgXSmRxywx7q-RhTghI__HiXYsfMlakudllexLUHTSQOM8ZsXDz0Ak15uu-TSE01UVW8AEoY3XqZsE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8ru-F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDYhznSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=rdYAtKNIcbc&uach_m=[UACH]
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0DC5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPI...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9Qbk...

43 B
416 B

200ms
188ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 763080c2cfbddd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2700
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENxHdOJ5g7l_PwJlIc1Xa4U&google_cver=1&google_push=AZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8_3tKeU-vqd0PAygNb-_20VyamRo5imPasWwfXNoO9WULqllvHZ8DOb4AIo5DA0-indocwZdaVF3uUA0n2TkkOOMq9QbkPIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 763080c16e76dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DC5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPQmBy8aW1NIy5TqMHs2Hdg&google_cver=1&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpClzq6_2e4COF-0VnA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3940C19166EF48EFB4C2388CC09A2372&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpCl...

170 B
232 B

64ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3940C19166EF48EFB4C2388CC09A2372&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpClzq6_2e4COF-0VnA

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Nov 2022 00:27:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3940C19166EF48EFB4C2388CC09A2372&google_push=AZmPxg8lRF1Io4UvOWKvTFuxzGp13WPUyHdjTNGGk0cDQvFDmbZVhlUkxXCM_KpoqttNWDr-10oJfahaC3tzpClzq6_2e4COF-0VnA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 31 Oct 2022 00:27:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBC3ZhOcFTZiZ7w5N6MK5AE&google_cver=1&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBC3ZhOcFTZiZ7w5N6MK5AE&google_cver=1&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=5c20d163-e387-4022-88cd-18eddc027341
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=5c20d163-e387-4022-88cd-18eddc027341
https://x.bidswitch.net/sync?dsp_id=4&user_id=9149a057-df59-456e-b70f-46038b45f18b&ssp=google&expires=30&user_group=5&bsw_param=5c20d163-e387-4022-88cd-18eddc027341
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ&google_hm=XCDRY-OHQCKIzRjt3AJzQQ==

170 B
188 B

65ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ&google_hm=XCDRY-OHQCKIzRjt3AJzQQ==

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-LHWUKwilnJrGoT3-av6DxZyjM5k-GVWloSsQ-LKrkeIoLMkW6TXSYP8xZ1g2ryouqxLrL84jVt7Y8Kx4RYy37MEhnWLxxqQ&google_hm=XCDRY-OHQCKIzRjt3AJzQQ==
Date: Tue, 01 Nov 2022 00:27:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0DC5 43 B
351 B 193ms
62ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHLOUKxz5geH0jAnL2-28ko&google_cver=1&google_push=AZmPxg-qIK8XyglvPJCcr0BofE6CiyqATX8lK8G-DFik4m87h-zBeXQNv5iq3fJbKCzV1TT-fHzDIjzDMvcjKs7Vhb_XKP1s97rAEg
Requested by: Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:07 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9ks9l15kh1cf2kptdup44i5mh6b0dogj

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DC5
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKnIMwksKYPBi52-bZkShro&google_cver=1&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0sn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0snvJuXUOCBUPbE36UhXA

170 B
329 B

147ms
73ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0snvJuXUOCBUPbE36UhXA

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg88hl41vDlz76FlO1gvsuHGqnx_6FDuJiOBeQR1fjg83u80gmuEnNzSdA_KsOah_WohRxF3Kugds0snvJuXUOCBUPbE36UhXA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjfS9FBwrrh22pWRuAS0Wg&google_cver=1&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjfS9FBwrrh22pWRuAS0Wg&google_cver=1&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MT0FPTDlGRTJ1R28uREkzXzBzR25rd0gwcEhtQ2RlMH5B&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4V...

170 B
188 B

174ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MT0FPTDlGRTJ1R28uREkzXzBzR25rd0gwcEhtQ2RlMH5B&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB4vGNPLPY-4eeX9PptwIkzuAkgQpdY

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MT0FPTDlGRTJ1R28uREkzXzBzR25rd0gwcEhtQ2RlMH5B&google_push=AZmPxg-PZ1tq5cOY2dM2pzzj0iQcphEV0h4l_OsCd_qqtcttwDYQad-4VcEkUifxJoLhR62ABB4vGNPLPY-4eeX9PptwIkzuAkgQpdY
date: Tue, 01 Nov 2022 00:27:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 0DC5
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECj8Kil4cpgl8vo9XXugXo0&google_cver=1&google_p...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg-5HT5IezY2TpaVTixtLT7U98nH9SBpJp60tK5Oo5Jq513Oedz_R4GJch29Z_uuknfZhneoqHY-qb0tyxduJnYnX7qf-hQ1Vw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

142ms
142ms

Image
image/gif

184.24.1.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-1-49.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 01 Nov 2022 00:27:08 GMT
pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DC5 0
232 B 196ms
61ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJv_rKSOW73d6bZZqMrvISwgqLREIqzPl8HnKmdy5komcgMB32lOOK85VsDJICIFSvCI-Xjto

Requested by

Host: 05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
URL: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 656D 36 KB
16 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 21:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Oct 2023 21:51:13 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 91B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

63ms
63ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame 56BE 750 B
1 KB 101ms
101ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 1ed9035f270ae78977114c29fe35e4c33ef453f8893b553e64cd02ad18e7940d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:08 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5102
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
64ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 03F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

72ms
72ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Nov 2022 00:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 89ms
89ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Tue, 01 Nov 2022 00:27:08 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 228ms
113ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 02 Nov 2022 00:27:09 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 169ms
58ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 02 Nov 2022 00:27:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 175ms
67ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221027&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

315da2840ab7403b9840cbf6708da13d2a9058cfc21e791b30cf514d6cb0aab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11215
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 59DC 15 KB
6 KB 170ms
57ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 726519
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 81ms
81ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35041
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:28:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240de918a00b0e609c0e7b5c81bbf561_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/440/ 47 KB
47 KB 140ms
140ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561_755x500.jpg?v=1661864391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
last-modified: Wed, 24 Aug 2022 13:50:30 GMT
server: nginx
etag: "9744b481d651c3f3984cba0f7a3e6af8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48053
x-1p1-cdn: HIT; Mon, 31 Oct 2022 23:28:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 766D 11 KB
6 KB 110ms
109ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a3443ff608e32e10bea29f0c04c3dae44e3b50bd0315443afe1176d804e54b99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 00:27:09 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 766D 171 KB
26 KB 82ms
82ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:05:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:09 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 766D 198 KB
69 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 766D 109 KB
43 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f53feedb2f21ec38d741e5ffab6eca3c084c873770783a69c6735bdde144e2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43655
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 00:27:09 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 91B8 42 B
64 B 97ms
97ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2InuwFVVrirJbFduAYnjiJ-yEA6xwTdMAZWL83ESRslRZG6G-viMCKPkXLaavr9Sj4ovafQkT_23_v7kH9KCq55IkfO6Jl27059T5ETGCLVp1l2sfSZtTFh_-zoILXts8hqHvVQ&sai=AMfl-YRVDO-v6dCdscjbPGPYlzEAfEZ4MlabLS2ZwNmrIYTe2W1gEGIAJn_yRuX079UbccREqmEA7IjAzQVVKgMwuRsVS7j15bheEmDY9W2yO0MtpLXOsjBmKLnK6GKc3go&sig=Cg0ArKJSzBRxq9o8N54qEAE&cid=CAASF-Rortjs4BKJDseCNdCACDeedm3dIQfI&id=ampim&o=299,640&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=442&tls=1442&g=100&h=100&tt=1442&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 59DC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=NdplynxSN3NETnIxcHFESUxlOXBIYi9tZmQvV1pCbGdTNDk1MkZkN1NQa0RCSFBEZnRtaTdjTDBvb2VRRVBFRUFSUHRwYkdjM1ZHL1V0THd1ck9lVGlNT3NYZXJscE9nNWJtSEtqWG1YV2hCTGphdjl4dGhQcExkdm1jS3...

428 B
655 B

236ms
73ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NdplynxSN3NETnIxcHFESUxlOXBIYi9tZmQvV1pCbGdTNDk1MkZkN1NQa0RCSFBEZnRtaTdjTDBvb2VRRVBFRUFSUHRwYkdjM1ZHL1V0THd1ck9lVGlNT3NYZXJscE9nNWJtSEtqWG1YV2hCTGphdjl4dGhQcExkdm1jS3hPM1g4bGpxcEVFdldtd0hQZWhXcDFRMXRSY0FiL0N3ckRCcWJjZzdsVXRNd1N1enAwSWFjUVlMeUJ0U0tESDMyQy9BamhtLzdvRlArZEp6RS9ERmlXY0xjZ0NWV0Q1Qmkxd1c4bEhBUVE4L1pOKzBKNytiMnUzckUwVmpVcXNJalMrOFE1RDVybEUxZXVSRGFPNXV2Q05ieXlZRzFUdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ebadb20d2f480292f75c3613bc914042dd12df120b13e19ad7d2e609132de39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2165251
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=NdplynxSN3NETnIxcHFESUxlOXBIYi9tZmQvV1pCbGdTNDk1MkZkN1NQa0RCSFBEZnRtaTdjTDBvb2VRRVBFRUFSUHRwYkdjM1ZHL1V0THd1ck9lVGlNT3NYZXJscE9nNWJtSEtqWG1YV2hCTGphdjl4dGhQcExkdm1jS3hPM1g4bGpxcEVFdldtd0hQZWhXcDFRMXRSY0FiL0N3ckRCcWJjZzdsVXRNd1N1enAwSWFjUVlMeUJ0U0tESDMyQy9BamhtLzdvRlArZEp6RS9ERmlXY0xjZ0NWV0Q1Qmkxd1c4bEhBUVE4L1pOKzBKNytiMnUzckUwVmpVcXNJalMrOFE1RDVybEUxZXVSRGFPNXV2Q05ieXlZRzFUdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 523471
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 00:27:09 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 03F5 42 B
64 B 94ms
94ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstunq1QObrExxjBNJLk3S4YSQAkN26UWCCxVssUyf8QS6_vGx-P0xu6hmqWbYuBOECfa274DraTXMarNvw9sHZCG0UbgQHIzXFfgqISGEsLdh-MQz6ND4dbzjR0V9OrsS0S9PHZzA&sai=AMfl-YQfmjp-uja9Vn0QrJTXRiIAWlFVBAA81UIFDseuK2iLSuKBA3ztSICP5DGZ--v8uic3KnEdLjjuIFebjl-DpYJdyazDCAV4V9Nwoj2imdjiVh1Sb0PQZl7SaPjmPM4&sig=Cg0ArKJSzO-mLlrektW9EAE&cid=CAASF-Ro2l6Nu3OCRNKM2u-6VYEvPA4SHRAe&id=ampim&o=80,1020&d=1440,180&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,0,1006,1006&tos=0,0,0,1006,0&tfs=436&tls=1442&g=100&h=100&tt=1442&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5D6 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 13349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 20:44:40 GMT
expires: Tue, 31 Oct 2023 20:44:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F22C 783 B
536 B 64ms
64ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bf7ec3937d22b8e1f0a81ec70f843f653e71c47761e5d985658cec1822c5bd8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3RAa_39EtmKp5Sy4wkKZ2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3RAa_39EtmKp5Sy4wkKZ2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:09 GMT
expires: Tue, 01 Nov 2022 00:27:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 766D 898 B
2 KB 92ms
92ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1667262429802
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 33f41dcbf7b4037aa1f9064f95b6b41fa153af40337995af3163e3513ada4e46

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:09 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 766D 134 KB
50 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eb98d198a8d0cb71e679a6ef3d94333bb52a9a3e1d1299d53f04b1aead470b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51044
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 00:27:09 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 766D 49 KB
20 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 31 Oct 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 01 Nov 2022 01:15:54 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame F5D6 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 21:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Oct 2023 21:51:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F22C 0
0 87ms
87ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221027&jk=1227449208457138&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 766D 108 KB
33 KB 81ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1667262429802
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:58:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:26:26 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F5D6 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mf34lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 766D 56 KB
9 KB 82ms
82ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t468018270103
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:27:10 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 766D 925 B
605 B 63ms
63ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ddf0ee067c1ada86d598fecb917f2725e2430d9104a013bd7cdc41956f499cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 00:27:10 GMT

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame 766D 431 KB
162 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed06e73814fadd7be93a06ef2280cc628f0925ae2b57ea90ea1454dccb3f2a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165650
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 23:23:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 766D 5 KB
667 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t468018270103

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:36:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 00:27:10 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 766D 153 KB
53 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 13:06:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:22 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 766D 475 KB
476 KB 91ms
90ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 486113
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
DATA 200
OK truncated
/ Frame 766D 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 766D 26 KB
26 KB 186ms
77ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:00:18 GMT
x-content-type-options: nosniff
age: 19612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:00:18 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 766D 44 KB
44 KB 162ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 20206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 18:50:24 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 766D 22 KB
6 KB 77ms
77ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 04cce6955ada56b8cb7ddf75ad86e59ef6ae2137c25bf04bcfa210434ed723fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 6043
expires: Tue, 01 Nov 2022 12:27:10 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 766D 1 KB
1 KB 104ms
104ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t1122536972851
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 800063ee7d4e13b8bd4b91f64d0a7a40d27ecb3a241de8b946265edec0f14a7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 766D 57 KB
15 KB 79ms
78ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 884fbe47181d1a3dfb98a437776de4a42eb76d4ef1686b05d8642c8189caf6ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15451
expires: Tue, 01 Nov 2022 12:27:10 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 766D 33 KB
13 KB 81ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 2022 00:22:49 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 766D 370 KB
124 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab659f3b8c832932b95844fe1945e22b637f9650ed46c1713dc23af760d99b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126790
x-xss-protection: 0
expires: Tue, 01 Nov 2022 00:27:10 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 766D 82 KB
83 KB 118ms
116ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 84258
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 766D 77 KB
78 KB 113ms
112ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 79302
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 766D 84 KB
84 KB 130ms
129ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 85922
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 766D 73 KB
73 KB 95ms
94ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 74890
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 766D 91 KB
91 KB 139ms
139ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 93213
x-1p1-cdn: BYPASS; Tue, 01 Nov 2022 00:27:10 GMT
expires: Tue, 08 Nov 2022 00:27:10 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 6844 5 KB
3 KB 78ms
78ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: e96ae1a3bfeb9e7d034bf760bf7640e96b254a2d4f1e94e0f5b56fffb1e0a1d8

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 00:27:10 GMT
etag: PRIVATE7520710249
expires: Thu, 01 Dec 2022 00:27:10 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 bridge3.542.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame 029D 688 KB
222 KB 54ms
53ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553e40559d22cced1be4a2e0e70df8dfe60d6b9fdfc0fbe8916b88f44e621703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 385245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227082
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:26:25 GMT
expires: Fri, 27 Oct 2023 13:26:25 GMT
last-modified: Thu, 27 Oct 2022 13:17:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 766D 44 KB
16 KB 174ms
65ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 00:27:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 766D 0
0 88ms
88ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=16&pc=607331890996613

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 766D 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
126ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221027&jk=1227449208457138&bg=!BgWlBUHNAAZPh4lnb4c7ACkAdvg8WqWo6oCiV-OBOEbee_KrQwP2_xxd0SPgy8x_PNPhkziuWE2U0wIAAABNUgAAAAJoAQcKAKcV466y8aYeZl5y4UlrrYA9Y0rvuOqIbSiZMmjk9o3RWgHeLFmDq-OLu0_bZd0H2z0cOS02IC0nIZLSFzvp4IEZDIyBIsIJR6Ay-hYwDzWwLd9XjX4N5Mmy4oS3QYtCY5rNvDNaaZO4XGKoihNaCBhkVJERF9OvTbwWxAIftXDZ5XtoQfMuovfxyZjImwsiWA7BpDyf4N5VZflHknQ_3nc5ESig0JMKBpkClWah9pucEHidRpc0o1PSyNkBIER3HnjMMuJ4fELb4qv7Rd1N-SSKRELIW6-htyfPQTGFDsndrydlc1y6dXqWBowvRmmKZjZn_z783R-rA1sI5VNyhAerbRL7-V2FM5axk_FWAQL7Y3p5uGQJByH2on6QC5HYcN6pbazutPXr2CkonyrV_571OQBtehrIQqD1HXkyebcSGByznHENHxw60SgwTKnMkQmA5Hk2XtUkIjgcd-mpvrCDklUX2dyQyuBMpcauA8rRGiIpJ5BkF5clEr0zdRQgBUre622c4vWtl8sEAvNzCIRfHw9uR31JmgFU9FepvFp-5MUGs4wE--jxco73Q9O8MqdfgQwA_E1vFRi8MeBbiakZo38UIeuB8fgoxYZCxHl1IVw2GQjAZuclsIW6swPtsj6nJzVGC0NNr4TtgExkjZX-XUTasaVLhzF6fk3syGheTydAxPIhqDiHEWmfHGqQtiALmhohslzG6NW3rp0t5_8O5NrOuIXgZp1qbBjh5dshAdCQsMbWaGdowMRLOXjNMJ5AuxX7HAQDVajMMFferY0d-rg3_c0V5-dNO5QcwLcxjBp-kBOSx09UlDOrC7d5QYxrHsX8PNgkaNv11W4bXhqSjAlRssxEwJSgQAzntrBXcdz6ajv2DPqVXSSKcn0OTbLafAZujVGi4-4N8Ltz04j_4LkTUk5HAoOOGKEZwoEmVfNPN6r6pN_V08DJQb23Kt_aJ7SE1fSKnJXn-81MzicC9DKw2ozdL_QTIpdpmOhSwzuokCBU-EExKVceQ1aAxo_PteMD26__iZVBtB4OJSqxrdjBEjt4wOiYgZ9BYADMdSz8vusn2jeIAaGe5wgu-K5gmkDrzZsKDyuXVZzYfik
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1667262430549/ Frame 766D 2 B
202 B 76ms
76ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1667262430549/redot.js?l=107&sendf=0&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1667262430569%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fautoplay%3D0%26l%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=cCDA3wqyh8eoqyd4s4oNz2FbLn7MACoZVO08Ss2vBcD.g7iI57kewCJ6q0d8XgWp2oXWlx5ccszNJ2O6MyL9q9Up8ja0/bqQqZLUPp7Mt1/&ltime=111&fpdata=TowbwhwKc.LiT9sN4ohHQVkeh2NCZtryhS3jzPiSg_H.Y7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=&fpsec=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Mon, 31 Oct 2022 00:27:10 GMT

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame 029D 750 B
1 KB 112ms
112ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.542.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f8870efdcf91b95277d9277609b382448d18c7e14e453b5e88b72b5026f60fda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 170ms
57ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1plus1.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 01 Nov 2022 00:27:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 752177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=e-Ha23x6eDljUVFDVy9Ub3ZUekZYL0FyN0hhVWJ1VnBpK3JRM1NsUGtEeVRGMzVsQXdWWWp1UVI0SmQ5Ni9kdTFxenZ2U3djYy9RSGRrUGYxTXQxZmdBQk82WWNwczRCeDMvWU43dENmaDc3ejQrNW9rMzE2UW1lWTlqeE...

423 B
711 B

68ms
67ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e-Ha23x6eDljUVFDVy9Ub3ZUekZYL0FyN0hhVWJ1VnBpK3JRM1NsUGtEeVRGMzVsQXdWWWp1UVI0SmQ5Ni9kdTFxenZ2U3djYy9RSGRrUGYxTXQxZmdBQk82WWNwczRCeDMvWU43dENmaDc3ejQrNW9rMzE2UW1lWTlqeEpGK0c3cVFJYXBEanVuNng2S2tFMDRkR2hCOUpSRWtINm1odzNUckx6cllndFo4TS8rOVc4SFN2VU9SY2sxWFJ0RnpJU0JYMk5WcHU2UVFzVlJ4eTgzNnlIS05LSitibDBLL2tWOEZnUDk5NGhidnBXcVc2dlQrM3dhaTlySUc2RmZ4UU9Qa2JoUlRmd2VCK09KSXpldnlaK1dkQldIUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efec80ca7d514bc935299841906790a2ed1ad207e7a0953f4b83cada9c184a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1845923
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=e-Ha23x6eDljUVFDVy9Ub3ZUekZYL0FyN0hhVWJ1VnBpK3JRM1NsUGtEeVRGMzVsQXdWWWp1UVI0SmQ5Ni9kdTFxenZ2U3djYy9RSGRrUGYxTXQxZmdBQk82WWNwczRCeDMvWU43dENmaDc3ejQrNW9rMzE2UW1lWTlqeEpGK0c3cVFJYXBEanVuNng2S2tFMDRkR2hCOUpSRWtINm1odzNUckx6cllndFo4TS8rOVc4SFN2VU9SY2sxWFJ0RnpJU0JYMk5WcHU2UVFzVlJ4eTgzNnlIS05LSitibDBLL2tWOEZnUDk5NGhidnBXcVc2dlQrM3dhaTlySUc2RmZ4UU9Qa2JoUlRmd2VCK09KSXpldnlaK1dkQldIUT09fA&cppv=2
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 511606
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
538 B 194ms
62ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA47 15 KB
6 KB 172ms
54ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=64765
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 01 Nov 2022 00:27:10 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 01 Nov 2022 18:26:35 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7A3C 281 B
573 B 181ms
57ms Document
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Nov 2022 00:27:10 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 4848 8 KB
2 KB 158ms
57ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04a22d58886ef542c1851164e031f1a45183ffde38a5911e59fe1c6013c3470

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://1plus1.ua
cf-cache-status: DYNAMIC
cf-ray: 763080d0eb0b7480-LHR
content-encoding: br
content-type: text/html
date: Tue, 01 Nov 2022 00:27:10 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame 2801 0
0 60ms
60ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1667262427412

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E87D 0
91 B 84ms
63ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 01 Nov 2022 00:27:10 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
csync.loopme.me/ Frame 6DBB 0
0 175ms
58ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
server: _

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 71DF 15 KB
6 KB 169ms
56ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=64765
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 01 Nov 2022 00:27:10 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 01 Nov 2022 18:26:35 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 4848 0
0 180ms
57ms Image
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4848 170 B
188 B 65ms
63ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=45ca3c74-678b-4918-95e6-c8ef028dd655&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542...

95 B
152 B

70ms
66ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=45ca3c74-678b-4918-95e6-c8ef028dd655&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d39d7a7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=45ca3c74-678b-4918-95e6-c8ef028dd655&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 4848 0
331 B 252ms
71ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4848 70 B
265 B 190ms
45ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 4848 0
161 B 162ms
54ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1667262431.087082,VS0,VE9
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lon4254-LON

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 4848 0
411 B 577ms
129ms Image
text/html 2600:1f18:6593:f602:8bd3:480b:a39:d536
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:11 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4848 0
166 B 205ms
58ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2bec3a-868c-48f0-6de7-81e696dbe01f%26reqId%3Df264e52d-7c47-4542-451f-9c78eb019b5b%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 01 Nov 2022 00:27:10 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=136...
https://mwzeom.zeotap.com/mw?cid=d38ac7c2-fe8b-4d8e-a0b5-0a840d5d7bbf&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

60ms
60ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=d38ac7c2-fe8b-4d8e-a0b5-0a840d5d7bbf&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d3ad867480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=d38ac7c2-fe8b-4d8e-a0b5-0a840d5d7bbf&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=54194878889895715481239663005364081405&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-...

95 B
163 B

80ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=54194878889895715481239663005364081405&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d39d797480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v045-02ae087c0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mUdWVAHORAI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=54194878889895715481239663005364081405&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 4848 0
324 B 202ms
55ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022110103-96008-0.644184001667268194-34302ddcf438d7446f283721ff1017bf&zdid=533&env=mWeb

95 B
152 B

58ms
57ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022110103-96008-0.644184001667268194-34302ddcf438d7446f283721ff1017bf&zdid=533&env=mWeb
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d47e4e7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022110103-96008-0.644184001667268194-34302ddcf438d7446f283721ff1017bf&zdid=533&env=mWeb
Date: Tue, 01 Nov 2022 02:03:14 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7160837614998714514&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-...

95 B
152 B

60ms
59ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7160837614998714514&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d3edc37480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7160837614998714514&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Date: Tue, 01 Nov 2022 00:27:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4848
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f

95 B
122 B

82ms
69ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc2bec3a-868c-48f0-6de7-81e696dbe01f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=cc2bec3a-868c-48f0-6de7-81e696dbe01f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=vaSgT7zyOvEIl861PdNG0.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-45...

95 B
152 B

59ms
57ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=vaSgT7zyOvEIl861PdNG0.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d52ee07480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:10 GMT
via: 1.1 google
last-modified: Tue, 01 Nov 2022 00:27:11 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=vaSgT7zyOvEIl861PdNG0.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 4848 0
84 B 212ms
59ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=cc2bec3a-868c-48f0-6de7-81e696dbe01f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=cc2bec3a-868c-48f0-6de7-81e696dbe01f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=815229a04c1d919d6733a65ed3cf76df&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c...

95 B
152 B

59ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=815229a04c1d919d6733a65ed3cf76df&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d4ae737480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=815229a04c1d919d6733a65ed3cf76df&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
cache-control: no-cache
x-server: 10.45.31.235
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-QLGZZJZE2orARm31IllLCmFmDw0FTobBqA--~A&zpartnerid=570&env=mWeb

95 B
152 B

58ms
57ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-QLGZZJZE2orARm31IllLCmFmDw0FTobBqA--~A&zpartnerid=570&env=mWeb
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d45e377480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-QLGZZJZE2orARm31IllLCmFmDw0FTobBqA--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QKedJaQzZjTZTvmiQ52Zfnsb7yzzgCWp%2BS41iYitP1U%3D

95 B
152 B

84ms
83ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QKedJaQzZjTZTvmiQ52Zfnsb7yzzgCWp%2BS41iYitP1U%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d54f0c7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QKedJaQzZjTZTvmiQ52Zfnsb7yzzgCWp%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 4848 43 B
356 B 202ms
63ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=cc2bec3a-868c-48f0-6de7-81e696dbe01f&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4848 0
338 B 194ms
55ms Image
text/plain 54.72.167.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1667262431
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4848 95 B
359 B 212ms
61ms Image
image/png 162.55.236.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.225.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Tue, 01 Nov 2022 00:27:11 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2Bn3wAEpV5TEwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c7...

95 B
152 B

58ms
57ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2Bn3wAEpV5TEwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&_test=Y2Bn3wAEpV5TEwAT
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d66fff7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-hhn4041-HHN
pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1667262432.694731,VS0,VE0
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2Bn3wAEpV5TEwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&_test=Y2Bn3wAEpV5TEwAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=7ac96360-67df-4e00-bf7c-50dadb31b451&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52...

95 B
152 B

57ms
56ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7ac96360-67df-4e00-bf7c-50dadb31b451&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d5ef8d7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Tue, 01 Nov 2022 00:27:11 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?cid=7ac96360-67df-4e00-bf7c-50dadb31b451&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 01 Nov 2022 00:27:10 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4848
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb01...

0
337 B

55ms
55ms

Image
text/plain

54.72.167.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1667262431
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
date: Tue, 01 Nov 2022 00:27:11 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 4848
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de...

43 B
568 B

59ms
59ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&dcc=t

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3RMKD6BWYCSAQQKNT7PJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CPGX8J486EAMAMHX6XJJ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 4848 0
145 B 358ms
237ms Image
text/plain 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dcc2...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361

95 B
152 B

59ms
59ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d6d8577480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
date: Tue, 01 Nov 2022 00:27:11 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696db...
https://mwzeom.zeotap.com/mw?cid=L9XH02IL-I-DLJF&env=mWeb&zpartnerid=1770&gdpr=1

95 B
152 B

56ms
55ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=L9XH02IL-I-DLJF&env=mWeb&zpartnerid=1770&gdpr=1
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d5bf5f7480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=L9XH02IL-I-DLJF&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4848
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e...

95 B
152 B

59ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d5ef907480-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Date: Tue, 01 Nov 2022 00:27:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 4848 557 B
468 B 60ms
59ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d858f7e2f350006b95b4ee9186907d826b0dd0023ef6b467767d5033d145db1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 763080d1abb97480-LHR
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7A3C 32 KB
10 KB 58ms
58ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 00:27:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35720
Connection: keep-alive
Content-Length: 9454
Expires: Tue, 01 Nov 2022 10:22:30 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
396 B 204ms
58ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

7bb8043d251601fb8975e5e513a862a9b1d0a2eea8886223708a8e4deb58870b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DA47 0
39 B 201ms
59ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76196812&p=161562&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 199ms
62ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 01 Nov 2022 00:27:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 459972
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 cmp
spl.zeotap.com/ Frame 4848 0
0 72ms
72ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 763080d20c157480-LHR
date: Tue, 01 Nov 2022 00:27:11 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7A3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIvLrVNgBaSjY-s5zlnkoG8&google_cver=1

0
239 B

231ms
54ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIvLrVNgBaSjY-s5zlnkoG8&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIvLrVNgBaSjY-s5zlnkoG8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A3C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlYSDAySUwtSS1ETEpG

170 B
188 B

66ms
65ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlYSDAySUwtSS1ETEpG

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlYSDAySUwtSS1ETEpG
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7A3C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/LoHyztzcthogfysm-LCOZg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=69833414504542492

0
239 B

94ms
56ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=69833414504542492
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=69833414504542492
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7A3C 70 B
264 B 60ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7A3C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8oPHZuFZS_2wh-Rct2WbLw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8oPHZuFZS_2wh-Rct2WbLw

43 B
720 B

134ms
133ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8oPHZuFZS_2wh-Rct2WbLw

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6D62GEMF2KW18YAP0RX3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8oPHZuFZS_2wh-Rct2WbLw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7A3C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9XH02IL-I-DLJF

0
707 B

379ms
235ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9XH02IL-I-DLJF
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 00:27:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BE6B4D5109D44488AF9942867EB57855 Ref B: FRAEDGE1917 Ref C: 2022-11-01T00:27:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsXcj71/JYXGkqVTH9yA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9XH02IL-I-DLJF
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7A3C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Al5AVSFBQLe9BCC8yVkt7g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Al5AVSFBQLe9BCC8yVkt7g

43 B
479 B

137ms
137ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Al5AVSFBQLe9BCC8yVkt7g

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 00:27:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FJ6KMQR0QRKGJ0GM1PZ4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Al5AVSFBQLe9BCC8yVkt7g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A3C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzVjY2NhODc3YTc5ZTFiZTIyZGFlNTBkY2ZkMWQyNGY4NDhjN2VmOQ

170 B
188 B

64ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzVjY2NhODc3YTc5ZTFiZTIyZGFlNTBkY2ZkMWQyNGY4NDhjN2VmOQ

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 00:27:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzVjY2NhODc3YTc5ZTFiZTIyZGFlNTBkY2ZkMWQyNGY4NDhjN2VmOQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
619 B 187ms
61ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19297/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

ccc187f738ae2aeddb2f0049584a5d48c949588739d1c9c7c12e53ca1be87d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Tue, 01 Nov 2022 00:27:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 83ms
83ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Nov 2022 00:27:11 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 82ms
82ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=278801B9BE48404ABDB5F89EC68CCD84&time=1667262431793&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=950849806&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=5758&param5=8&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Nov 2022 00:27:11 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 400 / Show response
graph.facebook.com/v2.2/ 202 B
585 B 214ms
88ms XHR
application/json 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

250a3e89e6ad514866294ded963036281a7a707bdc999b7241a7969374df9561

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date: Tue, 01 Nov 2022 00:27:12 GMT
x-fb-rev: 1006502582
alt-svc: h3=":443"; ma=86400
content-length: 150
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tKkzLBSS7hwyWkJizHbzaNJHRHjU8ukW6eMlmRReGe/HoTGKbTMCYrVPQW2+PU5wwEnSEUKfaAbrZr9RTgHmgw==
x-fb-trace-id: AhAkUOuJDG3
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AzE8Tlvmngf7cMHV8QjXz2k
cache-control: no-store
facebook-api-version: v8.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1plus1.video/	1970-01-20 16:43:42	Name: _opov_sid_ Value: nq316rbfk5e8sr5poj927hgm59
1plus1.ua/	1970-01-20 16:43:42	Name: _opov_hid_l Value: bae1bf73-ad8c-5481-8e68-7e65c948b6b9
.1plus1.ua/	1970-01-20 16:43:42	Name: _opov_sid_ Value: nq316rbfk5e8sr5poj927hgm59
1plus1.ua/	1969-12-31 23:59:59	Name: Value: store.test
1plus1.ua/	1970-01-20 16:33:37	Name: _pk_id.2.1c86 Value: f350f20af2a28801.1667262426.1.1667262426.1667262426.
1plus1.ua/	1970-01-20 07:07:44	Name: _pk_ses.2.1c86 Value: *
.1plus1.ua/	1970-01-20 16:43:42	Name: _ga Value: GA1.2.597971806.1667262426
.1plus1.ua/	1970-01-20 07:09:08	Name: _gid Value: GA1.2.509638379.1667262427
.1plus1.ua/	1970-01-20 07:07:42	Name: _gat_UA-22507043-9 Value: 1
.1plus1.ua/	1970-01-20 07:07:42	Name: _gat_UA-113262294-1 Value: 1
.1plus1.ua/	1970-01-20 16:29:18	Name: __gpi Value: UID=00000b7ac531850e:T=1667262426:RT=1667262426:S=ALNI_MbmXoCkJITrKJUf2kby6vjGqOhdLg
.1plus1.ua/	1970-01-20 16:36:30	Name: __gfp_64b Value: 9QosQV3NhNtmATD8_H63Ou0DRH4VffprqnUiakHvScj.b7\|1667262426
a4p.adpartner.pro/	1970-01-20 08:34:06	Name: apuid Value: 51099579-03a4-4233-a003-f27fec6d79e1
.1plus1.ua/	1970-01-20 15:53:18	Name: _hjSessionUser_1437498 Value: eyJpZCI6IjI1ZGUzZjRkLWZhYWUtNWE4Ny04MDY1LWVlY2Q4M2M0YmU0NSIsImNyZWF0ZWQiOjE2NjcyNjI0MjY4NzcsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 07:07:44	Name: _hjFirstSeen Value: 1
1plus1.ua/	1970-01-20 07:07:42	Name: _hjIncludedInSessionSample Value: 0
.1plus1.ua/	1970-01-20 07:07:44	Name: _hjSession_1437498 Value: eyJpZCI6IjhmMDllODgzLThjMDgtNGU0Yi05NjgyLWY4ODgyNDkzOGU3NiIsImNyZWF0ZWQiOjE2NjcyNjI0MjY4OTcsImluU2FtcGxlIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 07:07:44	Name: _hjAbsoluteSessionInProgress Value: 0
.mfadsrvr.com/	1970-01-20 16:43:42	Name: tuuid Value: 7b230a4d-f150-49ae-9c8c-dea6b5193477
.mfadsrvr.com/	1970-01-20 16:43:42	Name: c Value: 1667262427
.mfadsrvr.com/	1970-01-20 16:43:42	Name: tuuid_lu Value: 1667262427
.mfadsrvr.com/	1970-01-20 16:43:42	Name: ssh Value: !adtelligent,1667262427
1plus1.ua/	1970-01-20 07:50:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
.1plus1.ua/	1970-01-20 15:53:18	Name: _pubcid Value: 408f6601-ecb6-4af4-bbcc-a6d761b8f936
.adtelligent.com/	1970-01-20 08:36:59	Name: vmuid Value: 34fa9bb1250860b7
.adtelligent.com/	1970-01-20 08:36:59	Name: a307558 Value: 51099579-03a4-4233-a003-f27fec6d79e1
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.prebid.a-mo.net/	1970-01-20 15:53:18	Name: __amc Value: 1_1667262427_1667262427
.admixer.net/	1970-01-20 09:17:18	Name: am-uid Value: 609d68ece4174a4ca9d168a24c8166c5
.e-planning.net/	1970-01-20 16:43:42	Name: E Value: AGxniIwlVhrhv6gU
.adtelligent.com/	1970-01-20 08:36:59	Name: a736011 Value: 7b230a4d-f150-49ae-9c8c-dea6b5193477
.ads.adnuntius.delivery/	1970-01-20 07:50:54	Name: usi Value: lws1!adnfp8d3c5c6dec19612d
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 5755b375755380cd14fd2854e57c3585
.ads.adnuntius.delivery/	1970-01-20 07:20:18	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 07:20:18	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 07:20:18	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 07:20:18	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 07:20:18	Name: c Value: 0AAAAAQAA
.doubleclick.net/	1970-01-20 16:29:18	Name: IDE Value: AHWqTUkVNQVu53LahPRtiCQHNRQuWaRLkODmMReE2lA2bWAsrUKAzTCqGpqTLlUxUmc
.rubiconproject.com/	1970-01-20 15:53:18	Name: khaos Value: L9XH02IL-I-DLJF
.rubiconproject.com/	1970-01-20 15:53:18	Name: audit Value: 1\|hLZGFuTafB1tDI3Zi5TA6a2qEsFCZ0ctSdOhPT1GMTk+vWXST3wIGcncU1+myBRrfr2w3YCIInLgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
.1plus1.ua/	1970-01-20 16:29:18	Name: __gads Value: ID=80224a7f334433cc:T=1667262426:S=ALNI_MYpBG2U19kwyw3pkaP-HQBk7NttiA
.1plus1.video/	1970-01-20 16:36:30	Name: __gfp_s_64b Value: TowbwhwKc.LiT9sN4ohHQVkeh2NCZtryhS3jzPiSg_H.Y7\|1667262427
.simpli.fi/	1970-01-20 15:54:44	Name: suid Value: 3940C19166EF48EFB4C2388CC09A2372
.yahoo.com/	1970-01-20 15:53:40	Name: A3 Value: d=AQABBNxnYGMCENauLlAcunDO87crm6DhgkoFEgEBAQG5YWNqYwAAAAAA_eMAAA&S=AQAAApTTEqajt9TJ-QXjdVuVtTM
.bidswitch.net/	1970-01-20 15:53:18	Name: tuuid Value: 5c20d163-e387-4022-88cd-18eddc027341
.bidswitch.net/	1970-01-20 15:53:18	Name: c Value: 1667262428
.bidswitch.net/	1970-01-20 15:53:18	Name: tuuid_lu Value: 1667262428
.analytics.yahoo.com/	1970-01-20 15:53:18	Name: IDSYNC Value: 18yx~281c
.doubleclick.net/	1970-01-20 07:07:46	Name: DSID Value: NO_DATA
.tribalfusion.com/	1970-01-20 09:17:18	Name: ANON_ID Value: aKnseFxNeThBeZdwQMhEqNgWg34xm9bAXIGuUnWVqV64IJVSWipBpG2hjZaTX7LEZaS87s6fFMhClSIFduVRwSB
.creative-serving.com/	1970-01-20 16:29:18	Name: tuuid Value: 9149a057-df59-456e-b70f-46038b45f18b
.creative-serving.com/	1970-01-20 16:29:18	Name: c Value: 1667262428
.creative-serving.com/	1970-01-20 16:29:18	Name: tuuid_lu Value: 1667262428
.criteo.com/	1970-01-20 16:29:18	Name: uid Value: 51205475-f4f1-4b13-8cd7-c076bdf0853a
1plus1.video/	1970-01-20 16:43:42	Name: _opov_hid_l Value: 415542cf-84d9-5119-a586-f4e3e730fcbd
.hit.gemius.pl/	1970-01-20 16:36:30	Name: Gdyn Value: KlQHjMXGQMQGEarvkqKZS9lissGM019cL6nxmGtJOtKnyJaiGsRPkeKiGKGGq115gGl8leB2GQRPgSVgEMSG
.zeotap.com/	1970-01-20 15:53:18	Name: zc Value: cc2bec3a-868c-48f0-6de7-81e696dbe01f
.zeotap.com/	1970-01-20 07:09:08	Name: zsc Value: %03%19%F2%B0%7C%10ZX%F1%8E%3F%E8%1Cx%C7%24%FCj%B2Y%88J%D0p%3A%00%40K%07nqn%9Fw%E1%A3%8C%FAZ%0DQ%3F%3E%98%A0%C9%2C%23%26%82M%7FN%A0%94%90%7D%06%B8%06%8C%2C%CB%81%19%1B%C6%D0%40x%CD%B2%CD%D1n%E4%80%8Fl%0D%DC%ACm%A16%1D%3C%D8%95n%3Dq%40%A7%15%2C%08%05+%5C%83%2A9%02%88%B5%E9I%29%C8L%87%10%98%D5%98%F8%2C7%EB%1BG%C0_%B7%C5_%DB%ED%09m%18%BB%B2%2BF%BA%D9%D2%3Er%3C%B3%5E%B6R%7D%06%CB%1D%E7L%0B%40d%ED%11%7C%B9%C5%1E%5D%E8%3B0%1B%BE%01%BB%7DF
.ads.pubmatic.com/	1970-01-20 07:09:08	Name: KCCH Value: YES
.demdex.net/	1970-01-20 11:26:54	Name: demdex Value: 54194878889895715481239663005364081405
.tidaltv.com/	1970-01-20 15:53:18	Name: tidal_ttid Value: d38ac7c2-fe8b-4d8e-a0b5-0a840d5d7bbf
.1plus1.ua/	1970-01-20 16:29:18	Name: cto_bundle Value: wD00RV82WGFpSDN6Mk5UUkVaVW9JaCUyRlpTMGlZeDQ4bUdabW92MnglMkZPaU9vVmoydWs4a0JUWGlXQUN2NTlMTGFneiUyQlB1UiUyQjBUZ2RRT1lwZXNTYklhSTIlMkZTYXU4R2QzUnZGbUJHYzhJY3ZrOFN0RFA1TkZ1amkxM2ZzT252WlBtbSUyQklnM3dXVkxIajBFTERoNEVaQ092SWJBU1ElM0QlM0Q
.1plus1.ua/	1970-01-20 16:29:18	Name: cto_bidid Value: U3MBDV80REQzWEV5WnNwMWsxWG1hOEIzWUpucmkwNzR4Q0xWSnNPTVNsUEJuJTJGbGVhU2puaHllRU1Rdk4zWG1jcDVNcmFub2dVZW1aOGtmT3JuMXZjUW5GZDcySVhLRmszVmo2VkhtY2dZNjI1UG44JTNE
.dpm.demdex.net/	1970-01-20 11:26:54	Name: dpm Value: 54194878889895715481239663005364081405
.tapad.com/	1970-01-20 08:34:06	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 08:34:06	Name: TapAd_TS Value: 1667262431158
.tapad.com/	1970-01-20 08:34:06	Name: TapAd_DID Value: a94db213-5916-4360-93d1-5f99b4e7254b
.tidaltv.com/	1970-01-20 15:53:18	Name: sync-his Value: "H4sIAAAAAAAAADM0NrKwsDK0MAIARCzy9wkAAAA="
.adfarm1.adition.com/	1970-01-20 09:17:18	Name: UserID1 Value: 7160837614998714514
.weborama.fr/	1970-01-20 16:33:37	Name: AFFICHE_W Value: MiuSIDAoj28y32
.crwdcntrl.net/	1970-01-20 13:36:29	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 13:36:29	Name: _cc_id Value: 815229a04c1d919d6733a65ed3cf76df
.fwmrm.net/	1970-01-20 11:26:54	Name: _uid Value: "e9895_7160837614994931778"
.krxd.net/	1970-01-20 11:26:54	Name: _kuid_ Value: PK_qBS8J
.agkn.com/	1970-01-20 15:53:18	Name: ab Value: 0001%3AEqg9T2%2Bw6x0GdcWmpNq3KX21JOcwb9Cc
.richaudience.com/	1970-01-20 09:17:18	Name: avcid-zeo-uid Value: cc2bec3a-868c-48f0-6de7-81e696dbe01f
.amazon-adsystem.com/	1970-01-20 16:43:42	Name: ad-privacy Value: 0
.mathtag.com/	1970-01-20 16:33:37	Name: uuid Value: 7ac96360-67df-4e00-bf7c-50dadb31b451
.everesttech.net/	1970-01-20 15:53:18	Name: everest_g_v2 Value: g_surferid~Y2Bn3wAEpV5TEwAT
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:53:18	Name: bcookie Value: "v=2&2babe111-9bf0-4f16-89ee-da5c1a34ed54"
.linkedin.com/	1970-01-20 11:26:54	Name: li_gc Value: MTswOzE2NjcyNjI0MzE7MjswMjHp6rQdOmBwlLWUBURqbTC9ml+bB7dSRPQG0D39DvZ51w==
.linkedin.com/	1970-01-20 07:09:08	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2773:u=1:x=1:i=1667262431:t=1667348831:v=2:sig=AQFP9huTrPIvY__aF7P00IdS6E8cCRxa"
.amazon-adsystem.com/	1970-01-20 12:56:11	Name: ad-id Value: A7TXTdUlrkoRgJJdVGbL7JA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1plus1.ua/(Line 2424) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=cc2bec3a-868c-48f0-6de7-81e696dbe01f&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=cc2bec3a-868c-48f0-6de7-81e696dbe01f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=cc2bec3a-868c-48f0-6de7-81e696dbe01f&reqId=f264e52d-7c47-4542-451f-9c78eb019b5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05bba7976c30603a03eda28442e0f28c.safeframe.googlesyndication.com
1plus1.ua
1plus1.video
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.adnuntius.delivery
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ap.lijit.com
api.1plus1.video
assay.1plus1.ua
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
cdn.admixer.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csync.loopme.me
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
lb.eu-1-id5-sync.com
loadeu.exelator.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.ads.linkedin.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
spl.zeotap.com
sslpagestat.mmi.bemobile.ua
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.richaudience.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.76.200.221
104.79.88.164
141.95.98.65
146.0.227.109
146.59.30.96
147.75.85.234
151.1.205.165
151.101.194.49
162.19.138.118
162.55.236.225
172.217.16.194
172.67.137.15
178.250.0.157
18.198.69.109
18.66.147.62
18.66.97.10
184.24.1.49
185.15.245.83
185.172.90.252
185.184.8.90
185.255.84.150
185.64.189.112
185.64.189.115
194.247.175.26
194.247.175.38
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.21
195.137.240.80
212.82.100.182
23.203.77.3
23.35.236.201
2600:1f18:6593:f602:8bd3:480b:a39:d536
2602:803:c004:200::141
2606:4700:10::6816:1857
2606:4700::6812:18ad
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a05:d018:d29:3602:6ee:8b56:8f25:1314
2a0c:5c81:5142::2
3.123.58.204
3.123.63.102
3.126.56.137
3.127.109.147
3.33.220.150
34.111.131.239
34.98.67.61
35.204.74.118
35.214.236.176
35.227.248.159
35.227.252.103
35.244.159.8
37.157.4.29
37.252.173.38
45.133.44.3
51.75.86.98
52.18.158.197
52.222.236.43
52.45.193.237
52.46.130.91
52.50.73.154
52.58.224.147
52.95.122.74
54.37.238.28
54.38.197.123
54.72.167.131
62.149.1.122
69.173.144.165
72.251.249.9
85.114.159.93
99.81.33.254
000964868ff810134e60f5aa3193aabf2f64e9b090a68b033478e8bab34b4fde
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fbf116f5bcf490079e6333880123c8cd746c42ef44fc2b1bb240d311d9dff9
04cce6955ada56b8cb7ddf75ad86e59ef6ae2137c25bf04bcfa210434ed723fa
0556670f2e246937b87a4a5d3e555ed5a84e1fae9b00b64cf163e62b651a3273
06117d058031007e84bc9e484f9f2628a9b19ace9b540db2c4698135b422599f
06ae86bad7a5dc6524f96287659be74b4fc8cd5e6ecf401f3a9fcce0851b0432
084f902dc8bb5540b364d3a76d6e4a8500c81f796ed3863b310914d97e138d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
1789f8692d19384cf21c4dc0e5455627d80568d08a0d6d810868898e95a2cf88
1820cd4440179ec4ef016c7a8aed551449d2c9416e2b059cf9e0db182b97c876
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3
1d5c04551ea614f318af19f413651ec2757a876b3f8b37ff044b36f8f4bb8a82
1ed9035f270ae78977114c29fe35e4c33ef453f8893b553e64cd02ad18e7940d
22371ffd20e777e20be50d9e36018a97a1ce756d3dd8c0e16b6d6a573952c1f2
2313205280cfdb0e1efe40a5ca027634e9bb129bc9d0bbdae1d29270d12610c5
250a3e89e6ad514866294ded963036281a7a707bdc999b7241a7969374df9561
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
2b54c7afbe0d946052c89c8413695163241374312b089f176b0f1ec360624445
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2c06019216613db509def3fdf03611d0872be7b436a496a3e3b38cccda1074ac
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3040f740229748b61c5290a2c1ec05f26bc8faab8420c6c7d665207d8f6ebdd2
3045c3edcdd198c247fa9fcd857e86de21b6245c9d60b4de84691c6a51f98d7d
315da2840ab7403b9840cbf6708da13d2a9058cfc21e791b30cf514d6cb0aab4
31a29155b9206d1714980c090e73da1db9253f7f63ec76cf7bc445ebf5ce5ff0
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d458c06f21278be5a8d16ceb5b942960c830e8366a5e88a1b83ab3c752fec0
33f41dcbf7b4037aa1f9064f95b6b41fa153af40337995af3163e3513ada4e46
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6
3bb34dd987c304c3a34018db4c26b9cc33b81f151380e0dfd3cf76fdd5682c45
3d7c1ec30fd8a803e1b0a4982741effc2ef61bb2ef1027d7dc6e9f40ef1c6821
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
44e004ddc97e11bdf48fc68053b6b6de75758f299513d038a03292fa4cbd1f38
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a
47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22
47f2f511eb3c1e2028fdcfa65dafc9618b44a9e6d7cae366a054b5fe79892965
4bf7ec3937d22b8e1f0a81ec70f843f653e71c47761e5d985658cec1822c5bd8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7642cae4647b8595bc8fefc8dfe9b7b33ddc5e1f0656145391684f33e7e91a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
510a67c7668f715cc21c67f0e77b8c97a373cfa9607af40c4845368d0ab96451
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553e40559d22cced1be4a2e0e70df8dfe60d6b9fdfc0fbe8916b88f44e621703
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d823d32d7d2605f51fa1db7991959a2b526769ef715765b9bbd457f0801fff
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5db6b320697dc25d8ecd8bf7c14ba9ecdc862c2f2861e4b0e4c57c1095ff4123
5e3d6bd30950156d2002981b0cde40ae548239fbe542c8c78d306a6855808c41
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
6401d27645c0348bb7e42ce0efbafd5a060a2e1c8d03cb8640c687406de56379
648ece77ac36bc6cfc0ffaa15d26816babc465309f139f1ccbd125ba35bfda1e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69b16b648d02a645b4aad53a7eb20a8638158fafd0b0554bc2757fd488c20ef9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7a677511c0dd0ce9ec2e8d21319c91509a51ad6324583cf9d81d4f5612a9c8
6f1888ff3a407245f99c95e97c42cf1f277c74ba57e9da1bea859673c14ec573
6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd
70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
739bb3e5a04b679b6f2615fa83ca3c7cc1a3290d41690a2a99e84538653efb96
74f028a8bd902293c6b88b3b8881a0e4bdee455d6dd6b242595c29287f7afd47
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
7ad588d3ad3a602e78de01339111071be57aa24e237a1954114cdc91e406d0f2
7b1c813e41d243acc58a5593c49d25c9ebe9e0d54719eaef7c74356fb8cf491b
7bb8043d251601fb8975e5e513a862a9b1d0a2eea8886223708a8e4deb58870b
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
800063ee7d4e13b8bd4b91f64d0a7a40d27ecb3a241de8b946265edec0f14a7a
8268cc4eade211432e35f62d594ee59ff26f6f6021b64538c8489a186047dc49
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
884fbe47181d1a3dfb98a437776de4a42eb76d4ef1686b05d8642c8189caf6ad
89d04c60a83b0e4062f5ddeea8a2c3d6cb3ff5e60fff3fbf006d80e86342b102
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aadc28b0ec405daf1cbb1351e19deb8febabe27bf62dcf1a6a3610558bcc7b9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb98d198a8d0cb71e679a6ef3d94333bb52a9a3e1d1299d53f04b1aead470b5
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9159428bbdf94520eb34b62eb8386900f829235ae8ff000ce0e98d67ab510144
92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f
9303fdeadc44a4a62adfe5ab47832aedf8eefcb904e2424f732e437d0972204b
956d0cd637f8a1f31b4c91fcfa396bf8c715bb4f48607fca3e8f7486ff405811
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99d1e934527821ec4565fa08b939965c4b7c61eb70aa554096056a72c3d238b1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af5074bc329f07b6df160aa97c505a31bdf72b72f8d7eca5ce99df3d18a3e42
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9ca9ad42bb70335f6b682f2b753b9841e5b6cb16e2f947329ac804e79642b52d
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ddf0ee067c1ada86d598fecb917f2725e2430d9104a013bd7cdc41956f499cf
9fd50ff5adfa6980aa1fc237090f90dd8896a569ae5ca746b8f3dda0141e9c85
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14baa265896ab752d86a101a2d088176b66d5e2a900d614cd4d42f9caddbf48
a32df95e0fa3d1b8880aa6b059b9ce90a6c38da623bcf3a66e3c09db8e89f9fe
a3443ff608e32e10bea29f0c04c3dae44e3b50bd0315443afe1176d804e54b99
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab659f3b8c832932b95844fe1945e22b637f9650ed46c1713dc23af760d99b83
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ac386cc8192b5599a915edd828489b18d42b9e172a7a8767593dbd1010ee0d6a
ac9e7a910eb3c1e04b1e33f6eb96658cf89201ec223486602a9f43067b9999c3
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
af3ccce7eec1e4d879d5ed4b43883048a15da8808c54807c16cf93db1468e233
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ad7cd05cc4a3202425d647834a173bbe5c489b536033151b8833868c9f1d7b
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
bb03b7ea6637a065b1e4ac9479dc26d8fe41f649049c5ee843f107cdd9a6c867
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c9ac329fa423fec0dafb06ca2338461247df25ca15d472629042140c4b4494a4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6a9cd72673dc0ae21f623d3c5dd391e9e7bea54a3c97aeff7bf3cd07a79baf
cae0888d182090cd46aea1e1aeab2cbac4c17498c4991b7a7a844e782de4bd69
ccc187f738ae2aeddb2f0049584a5d48c949588739d1c9c7c12e53ca1be87d0b
cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cecfb613fd6df059e2ac80331b7556a6288f7024c86ba72541ac543285c1a99c
cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9
d007814f8a5cda7fd744b2ac5920e597d7698fd8c51b346c3f758443d6fb53e3
d04a22d58886ef542c1851164e031f1a45183ffde38a5911e59fe1c6013c3470
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8
d67ab679cc0597d1507ab7e3ca380654c0c1703e7b7f23bb64e2aeb7334e35e0
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
d858f7e2f350006b95b4ee9186907d826b0dd0023ef6b467767d5033d145db1e
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dab13a8cb17fa9d4b5efdefdf72482ab876af6d2fca8a385be5522ada4351f06
db202f76af84d270dd19fc6ffb8acb88e6a08c7731245df6ba7657bb842185ce
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff77cfb9ac7c3a3909dfc65176f8b1882d9dead5bbdea9442520101a41d4d11
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e20727837a0d7fc6f004043d1bb7149b41aabd4916c2df92e8063166f96999ea
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e2f8f0706f69f653a48b540af3378965cb4f0fbbf874e5f791b33b7c0bbc592e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8c363c65f00f76d85000739582e951ff475d3a8c8762627ef6021a8bdb84fd0
e96ae1a3bfeb9e7d034bf760bf7640e96b254a2d4f1e94e0f5b56fffb1e0a1d8
ea8035cf546e48d6dbe535872b317ab8b18da59f06c6d4e3c5c55385e5290c01
ebadb20d2f480292f75c3613bc914042dd12df120b13e19ad7d2e609132de39a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed06e73814fadd7be93a06ef2280cc628f0925ae2b57ea90ea1454dccb3f2a71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec80ca7d514bc935299841906790a2ed1ad207e7a0953f4b83cada9c184a56
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f520a34c66a363901b2a30157a5dba433244a6e09870d6b664c91235b8c6898d
f53feedb2f21ec38d741e5ffab6eca3c084c873770783a69c6735bdde144e2ca
f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f8870efdcf91b95277d9277609b382448d18c7e14e453b5e88b72b5026f60fda
f97db90ab0f9f02be24766a9115e2267615d33fdbb33c11a7adfa93e073997bc
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fa2325c9f7f2e0c8ecd37540af5a0cd6aef47c860aac1353a95916613db5ee14
fa6234a2a0b074fbb5bb0f1922edd5b9e0479a346756cc12e8851dad31c2a08f
faaa1e6ed6644a1d0f2e847214536e9a7743d5967265095806f2a2c875f021a0
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
fd8dbe0bbdcfc386ee8757b7eaa6ba2c04666ff77be23c2b56f587fca3eb2c5c
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

1plus1.ua Open in urlscan Pro 195.137.240.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

344 Requests

89 %HTTPS

35 %IPv6

70 Domains

108 Subdomains

82 IPs

12 Countries

8520 kBTransfer

16343 kBSize

85 Cookies

32 Outgoing links

Page URL History

Redirected requests

344 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Screenshot
Live screenshot

Full Image

344
Requests

89 %
HTTPS

35 %
IPv6

70
Domains

108
Subdomains

82
IPs

12
Countries

8520 kB
Transfer

16343 kB
Size

85
Cookies

344 HTTP transactions
5 data transactions