1plus1.ua Open in urlscan Pro
195.137.240.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1plus1.ua/
Effective URL:
https://1plus1.ua/
Submission: On July 04 via api (July 4th 2022, 2:21:11 am UTC) from GB — Scanned from GB

Summary HTTP 319 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 67 IPs in 13 countries across 46 domains to perform 319 HTTP transactions. The main IP is 195.137.240.100, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 700434.
TLS certificate: Issued by R3 on May 12th 2022. Valid for: 3 months.

This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	195.137.240.100 195.137.240.100	29389 (ASN-UNIAN) (ASN-UNIAN)
9	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
59	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
13	195.137.240.88 195.137.240.88	29389 (ASN-UNIAN) (ASN-UNIAN)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1 9	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
1	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
4	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	147.75.198.217 147.75.198.217	54825 (PACKET) (PACKET)
2	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
3	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
8	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3030::6815:5525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
19	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	54.93.71.13 54.93.71.13	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:733c:ed5f:ba2e:ed39	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.201.163 142.250.201.163	15169 (GOOGLE) (GOOGLE)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	23.35.236.233 23.35.236.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:3228:f44e:fd20:fc96	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4002:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
319	67

10 195.137.240.100 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.137.240.88 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.198.217 (Tokyo, Japan) 1 redirects

ASN54825 (PACKET, US)
PTR: sync-1

sync.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5525 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.71.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-71-13.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:733c:ed5f:ba2e:ed39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.3 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.201.163 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s23-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-233.deploy.static.akamaitechnologies.com

s-video.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:3228:f44e:fd20:fc96 (London, United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)

s.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4002:80e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	1plus1.ua 1 redirects 1plus1.ua — Cisco Umbrella Rank: 700434 images.1plus1.ua assay.1plus1.ua	3 MB
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 273	400 KB
45	1plus1.video 1plus1.video — Cisco Umbrella Rank: 217613 api.1plus1.video — Cisco Umbrella Rank: 262633 images.1plus1.video — Cisco Umbrella Rank: 628997	2 MB
29	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 bid.g.doubleclick.net — Cisco Umbrella Rank: 465 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	274 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com Failed csi.gstatic.com	549 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	4 KB
13	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5725 ghb.adtelligent.com — Cisco Umbrella Rank: 6305 sync.adtelligent.com — Cisco Umbrella Rank: 4149 ghb1.adtelligent.com — Cisco Umbrella Rank: 7431	152 KB
11	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 51572 ls.hit.gemius.pl — Cisco Umbrella Rank: 12029	47 KB
9	innovid.com rtr.innovid.com — Cisco Umbrella Rank: 1545 Failed s-video.innovid.com — Cisco Umbrella Rank: 22651 s.innovid.com — Cisco Umbrella Rank: 1546 ag.innovid.com — Cisco Umbrella Rank: 1383	29 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com — Cisco Umbrella Rank: 425 Failed	458 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 528	9 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	59 KB
5	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 40667 inv-nets.admixer.net — Cisco Umbrella Rank: 2560	85 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	217 KB
4	google.ae adservice.google.ae — Cisco Umbrella Rank: 119687 www.google.ae — Cisco Umbrella Rank: 24039	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	155 KB
4	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 84664	4 KB
4	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 196481 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 200276	20 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917	67 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	56 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	41 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 660	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4852	645 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 801 r.turn.com — Cisco Umbrella Rank: 2975	869 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6853	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96 graph.facebook.com — Cisco Umbrella Rank: 132	900 B
2	pubwise.io 1 redirects sync.pubwise.io — Cisco Umbrella Rank: 7911	342 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8052	506 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	1 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34958	609 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	10 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479	1 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	861 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 820	356 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 46825	2 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4705	524 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6442	171 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 17930	375 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 244	8 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520	111 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1220	271 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	694 B
319	46

	Domain	Requested by
36	images.1plus1.ua	1plus1.ua
23	images.1plus1.video	1plus1.ua
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com 1plus1.ua imasdk.googleapis.com
18	pagead2.googlesyndication.com	1plus1.ua pagead2.googlesyndication.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com tpc.googlesyndication.com
13	api.1plus1.video	1plus1.ua api.1plus1.video 1plus1.video client imasdk.googleapis.com
10	cm.g.doubleclick.net	1 redirects 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
10	1plus1.ua	1 redirects 1plus1.ua
9	www.google.com	1 redirects api.1plus1.video 1plus1.ua tpc.googlesyndication.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 1plus1.ua 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
9	gaua.hit.gemius.pl	1 redirects 1plus1.ua gaua.hit.gemius.pl 1plus1.video
9	1plus1.video	1plus1.ua 1plus1.video
8	fastlane.rubiconproject.com	player.adtelligent.com
7	ghb.adtelligent.com	player.adtelligent.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
6	www.gstatic.com	www.google.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
5	45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	api.1plus1.video 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	1plus1.ua 1plus1.video
4	gum.criteo.com	2 redirects static.criteo.net
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	www.googletagservices.com	1plus1.ua 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
4	pa.tns-ua.com	1plus1.ua source.mmi.bemobile.ua pa.tns-ua.com
4	cdn.admixer.net	1plus1.ua cdn.admixer.net
4	player.adtelligent.com	1plus1.ua player.adtelligent.com
3	ade.googlesyndication.com
3	s-video.innovid.com
3	mug.criteo.com
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	adservice.google.ae	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	ag.innovid.com
2	s.innovid.com	2 redirects
2	rtr.innovid.com	imasdk.googleapis.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	s0.2mdn.net	imasdk.googleapis.com tpc.googlesyndication.com
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	pbjs.e-planning.net	1 redirects 1plus1.ua
2	bidder.criteo.com	player.adtelligent.com
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	sync.pubwise.io	1 redirects 1plus1.ua
2	a4p.adpartner.pro	1 redirects player.adtelligent.com
2	connect.facebook.net	1plus1.ua connect.facebook.net
2	assay.1plus1.ua	1plus1.ua
1	id5-sync.com	player.adtelligent.com
1	graph.facebook.com	1plus1.ua
1	googleads4.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	cdn.jsdelivr.net	45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	onetag-sys.com	player.adtelligent.com
1	ads.adnuntius.delivery	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	hb-api.omnitagjs.com	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	ib.adnxs.com	player.adtelligent.com
1	hbopenbid.pubmatic.com	player.adtelligent.com
1	prebid.a-mo.net	player.adtelligent.com
1	www.google.ae	1plus1.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	1plus1.ua
1	sync.adtelligent.com	1plus1.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	source.mmi.bemobile.ua	1plus1.ua
1	static.hotjar.com	1plus1.ua
319	78

This site contains links to these domains. Also see Links.

Domain
1plus1.video
www.facebook.com
t.me
instagram.com
dovgadoba.1plus1.ua
images.1plus1.ua
tsn.ua
plus-plus.tv
2plus2.ua
tet.tv
1plus1.international
bigudi.tv
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital

Subject Issuer	Validity	Valid
1plus1.ua R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
images.1plus1.ua R3	`2022-06-16` - `2022-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
assay.1plus1.ua R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-12` - `2022-07-11`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.ae GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.a-mo.net R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://1plus1.ua/
Frame ID: C2B2A8BB7BDBE105050D7866FFB9D5DA
Requests: 149 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Frame ID: 0E33426AC12CCA60A8C8D5CC1C29F49F
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 7C95688A596673D6DBB26488E8500151
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 03D1F4A46581D00DC4E54AC415D1EF2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1656901264&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656901264316&bpp=2&bdt=557&idt=186&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8537337792461&frm=20&pv=2&ga_vid=2063326827.1656901265&ga_sid=1656901265&ga_hid=1268243086&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31065741%2C31068196%2C31068309%2C42531605&oid=2&pvsid=84074762634372&tmod=898549037&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: 5FBEDC536AFADCF7715BB7B60C5C2016
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 7AA9DA53D6055CD2C058771A815328F6
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 56943213C7ED45FC6988D95D01E12E0C
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: B7D5D233F976A0186174AD2E3D783A7B
Requests: 1 HTTP requests in this frame

Frame: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 472D15927CA0BDE9185E32F7FE95E6FE
Requests: 1 HTTP requests in this frame

Frame: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 64BA0CF72607D3F84AEE795950C73A5C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18924DAA59BB860389CCB137CC3A8E82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5509ED79B479C739F2D3A8BA26427A23
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: DD589F2339D2559F47B802488FB54DC4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 605972B32CAA41C5E849471BEA3EAF8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 27EDE8E5F4F17171FBEF9973A41007EC
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 9E308E96D409ADEB82C640DE751F168A
Requests: 1 HTTP requests in this frame

Frame: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8772BCBF388D5E0D74CB9DEEC12AFA8
Requests: 8 HTTP requests in this frame

Frame: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 015DB8E698382D5A4C492C46231DFC35
Requests: 36 HTTP requests in this frame

Frame: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 54F24EB2F45963C30F8962EB5C72C405
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html
Frame ID: E3055E82D81D646B9300720F9BD05006
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_uk.html
Frame ID: CA27ECFE1C2B721A6F0D0AF6AB2F71DB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6CD0C1B1ECB9654D82EDAFF3D65C8D35
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95F1D0CFA03D282A9D07336B2AD927A4
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua
Frame ID: 963CECD82099142A5DDDA4D76D8E5DB9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EBB4FF2777CC1AF7EB835A5D2A7E2A68
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

319
Requests

90 %
HTTPS

45 %
IPv6

46
Domains

78
Subdomains

67
IPs

13
Countries

7331 kB
Transfer

15083 kB
Size

63
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1plus1.ua/

Search URL Search Domain Scan URL

URL: https://t.me/OnePlusOneChannel

Search URL Search Domain Scan URL

URL: https://instagram.com/1plus1_ua?utm_medium=copy_link

Search URL Search Domain Scan URL

URL: https://1plus1.video/tvguide/1plus1/online
Title: ОНЛАЙН

Search URL Search Domain Scan URL

URL: https://dovgadoba.1plus1.ua/
Title: Довга доба

Search URL Search Domain Scan URL

URL: https://1plus1.video/tancy-so-zvezdami/
Title: Всі відео

Search URL Search Domain Scan URL

URL: https://1plus1.video/golos-strany/12-sezon
Title: Голос країни 12 сезон 5 випуск. Вибір наосліп 12 сезон 5 випуск

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b.jpg?v=1645529997

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18.jpg?v=1645530032

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a.jpg?v=1645530060

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399.jpg?v=1645530090

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4.jpg?v=1645557776

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364.jpg?v=1645633328

Search URL Search Domain Scan URL

URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Title: Стародавні традиції гуцулів-сироварів та секрети виробництва карпатських твердих сирів

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: https://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://2plus2.ua/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://bigudi.tv/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/1plus1
Title: ПРО КАНАЛ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: РЕКЛАМА

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: ПРОБЛЕМИ З ПРИЙОМОМ КАНАЛУ 1+1

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: КАР’ЄРА

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b8b1ed26-78ef-4365-aa13-d23cdc14f7ec

Request Chain 93

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D HTTP 302
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

Request Chain 106

https://gaua.hit.gemius.pl/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cJ3L2kFlOCNuJKfWs3pFMLXsHo2pCZLhTzGPU2j6m13.u7xHPPQHaaIhiPUzbfWOn8nJd5UjRr7QXCKPRa.l2c2v6Hut/ZDH3DYaMeLVAg/&ltime=291&fpdata=WLgaFqfIAAuQv3Hgpu91xqUvxwqW5P0_lBpWPdu6k2P.U7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cJ3L2kFlOCNuJKfWs3pFMLXsHo2pCZLhTzGPU2j6m13.u7xHPPQHaaIhiPUzbfWOn8nJd5UjRr7QXCKPRa.l2c2v6Hut/ZDH3DYaMeLVAg/&ltime=291&fpdata=WLgaFqfIAAuQv3Hgpu91xqUvxwqW5P0_lBpWPdu6k2P.U7&fpcap=

Request Chain 133

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=86b27987-dd71-4121-a089-327c9eba49c6 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=86b27987-dd71-4121-a089-327c9eba49c6

Request Chain 202

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1&google_push=ARnp8GDeTT86C6orZOkYulFWMRYC9-pYElDjECuG5Im-pSOpzUbQlS07xBECf1h4O9RBG2nR9sP5-T2yvs1YeOlsCfh5WN9Pm5E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkyNjQyNDA3NDE0MjY3MTA5OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1

Request Chain 203

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhuHUN7EYYOOytVTTih9tV3Z33DeBbuheOFHwHYZVYqZikw5LIhzdQJq HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhuHUN7EYYOOytVTTih9tV3Z33DeBbuheOFHwHYZVYqZikw5LIhzdQJq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3pVV215cDExTzhiSFk1&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhuHUN7EYYOOytVTTih9tV3Z33DeBbuheOFHwHYZVYqZikw5LIhzdQJq

Request Chain 204

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL5zKaNhxk7Z_ofjZb_rh2A&google_cver=1&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-hed9HkWcMgS0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-hed9HkWcMgS0

Request Chain 205

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKuh5hEQZcvK3NSXN2q78h0&google_cver=1&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U4JGrR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U4JGrR&google_hm=MzExMTA2NTk3OTM3MDQ1MTc4NA%3D%3D

Request Chain 206

https://d5p.de17a.com/cookies/google?google_gid=CAESEO59nEZc4_Sn0iV1Q7izoK0&google_cver=1&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO59nEZc4_Sn0iV1Q7izoK0&google_cver=1&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s

Request Chain 207

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_cver=1&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8TB_68c41SxiYVZrpXFN_bkqddutB_AuubRAHXWXZ3yHmIeMUWmmMrrjvsOIpYEz5 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8TB_68c41SxiYVZrpXFN_bkqddutB_AuubRAHXWXZ3yHmIeMUWmmMrrjvsOIpYEz5&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_hm=YsJOktFmdcWRqLEGyGo8JwAACgMAAAAB&google_nid=index&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8TB_68c41SxiYVZrpXFN_bkqddutB_AuubRAHXWXZ3yHmIeMUWmmMrrjvsOIpYEz5

Request Chain 208

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGH29RzP7jp35c8Lj-BxV1Y&google_cver=1&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGH29RzP7jp35c8Lj-BxV1Y&google_cver=1&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4&google_hm=E6rtKGZH6hokrbkvRfWZNCq6

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 283

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB9uOJilA6TyUCx5P0WdlEI&google_cver=1&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa2nwMzrYzvT182f3om HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa2nwMzrYzvT182f3om&google_hm=qBvuCUpUTyW5clHnF3nR9Gw

Request Chain 290

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RRBr7Xx3NFdoVlJPbEdPQ0xXaDVKcXhjZmpZdjYvOE5OUjE3OFN3NnJXWVpaOUFPRWZyWjB2VlFURVJsYVVleEVOR09JTEZsY01vS1ZWeVVnczB4bHNJMUh0MGYzeWVVL0NzWUUrdTVHZWM5T1gxT2NJK3ViV0dhUG1yVkxzL04zcnlrV3AzT3Fuam12QS83NkhrOWxNRDI0SXpORkJiRUF2eDNHNm5uSUk2MU40Q1ZuR01OejhXeHBZaUZxNEdROHF6SWZQS3RHR2JaR296ZnhXVUJWYlI3Z0FKYWJrajRXWGFJSFF4eTdTaHlMWUdHNG52M3EzYURCNUppZWZJYUNWL2JoSXVOY1dTU3NUcVVLOTBDTVBqYkxlZz09fA&cppv=2

Request Chain 301

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=play&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=play&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224

Request Chain 304

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=init&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=init&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224

Request Chain 315

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=YZwOh3xUZHdZSDJ4Nk01c3Bmbm1ZZlBzclo3cHlmWHNtNFNCZW4xcS93RzZhYzU5ZDh0OXZnVkM5YkhCSmlBZHJYN0FCd3ZhQW8zclpYemFObnR6dXVYZmU0b1VQaHMvRGtXbGtLbUVHZy9zVXljUC91enVWdDI5MHNJeFc4VU1uL2ozMHhiR1Z1NEE0cnhLRWN3MEwwSnlQMnU3VlJ4aloyZEY4TjM2U1dLZkVoY21LODd6YVpWdWw4dFpqVWQrbDMzQUJJM0dBcmJPY1g5RXdRS1Z4V3BRWDNMTVAwTDg3V0lPSHVCMlo2bG9UZlhzZDVyVHZ6d05NOXMwVVl5WlVyNjUyVHlwdHcvSjQ5Znh4VjlxNWNpMzRiQT09fA&cppv=2

319 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1plus1.ua/
Redirect Chain

http://1plus1.ua/
https://1plus1.ua/

263 KB
67 KB

348ms
135ms

Document
text/html

195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: ce192f9f9abe37c4a23cd53224b50073fdf395e13a3a5bda93f4cc7d713cd1a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Jul 2022 02:21:03 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Mon, 04 Jul 2022 02:21:03 GMT
Keep-Alive: timeout=15
Location: https://1plus1.ua/
Server: nginx

GET
H/1.1 200
OK desktop.css
1plus1.ua/build/css/ 136 KB
33 KB 135ms
71ms Stylesheet
text/css 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jun 2022 13:34:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 11 Jul 2022 02:21:03 GMT

GET
H/1.1 200
OK api.0.3.0.js Show response
1plus1.video/static/player/js/ 7 KB
3 KB 319ms
70ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/api.0.3.0.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:42 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:17:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 151ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f759e4f69ed7f5bc9885b959b6ed6af990369670e279772f82bd7c5c5108bcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56382
x-xss-protection: 0
server: cafe
etag: 1869011529303416406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H2 200 aa679cf8beef220ad36f11f06fe42684_1050x960.jpg
images.1plus1.ua/uploads/articles/000/993/862/ 107 KB
107 KB 520ms
268ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/993/862/aa679cf8beef220ad36f11f06fe42684_1050x960.jpg?v=1654167995
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d2d5b38dab063f33a17e743518b185ec00efbb4494c46f3b58571dfdc56958fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Fri, 03 Jun 2022 04:56:25 GMT
server: nginx
etag: "ecfb58188da8d4616230a318734e218d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 109280
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 786bf639ec69b500db951218a3a067ad_1050x960.jpg
images.1plus1.ua/uploads/articles/001/004/017/ 48 KB
48 KB 458ms
207ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/004/017/786bf639ec69b500db951218a3a067ad_1050x960.jpg?v=1655109250
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9baa8b454d8fb2173b9edc864f62fe0e3119faa407aea571c9674ebe20085ddd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 13 Jun 2022 08:34:11 GMT
server: nginx
etag: "0fd98c89060337303be20bc04cbed864"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 49201
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b978057f1f38a2b0fea71b7e1ddc4906_1050x960.jpg
images.1plus1.ua/uploads/articles/001/005/298/ 157 KB
157 KB 583ms
331ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/005/298/b978057f1f38a2b0fea71b7e1ddc4906_1050x960.jpg?v=1655136044
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6927c24b0af36e882d5042b98d4a3565048a436e64c3ddcd5baf4e072a542f68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 13 Jun 2022 16:00:45 GMT
server: nginx
etag: "babbe1c50689fdeb29c1736e3964276c"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 160366
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2af7f9f6d80e983e2ee286caafd59637_1050x960.png
images.1plus1.ua/uploads/articles/001/016/383/ 1 MB
1 MB 718ms
467ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/016/383/2af7f9f6d80e983e2ee286caafd59637_1050x960.png?v=1655969889
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0f4116c2f3eb90f22f0851486373a2955bbf1b831e2183114cac19576847f445

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Thu, 23 Jun 2022 07:38:10 GMT
server: nginx
etag: "930b0a77e90dc47021d46ce1e94d655e"
content-type: image/png
cache-control: max-age=315360000
content-length: 1420987
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 16e58cbb7536956ed7ac4f3001ee0655_210x150.jpeg
images.1plus1.ua/uploads/articles/001/017/223/ 7 KB
8 KB 328ms
77ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/017/223/16e58cbb7536956ed7ac4f3001ee0655_210x150.jpeg?v=1655990938
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f94f7ed00bf647ee790a23576c2f00740c46f251831a343595f914b0ece97d1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Thu, 23 Jun 2022 13:29:00 GMT
server: nginx
etag: "2df1078574da210b8061133283fc84dc"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 7492
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41979cddf901da9b48ad44f6de35e60c_210x150.jpg
images.1plus1.ua/uploads/articles/001/012/888/ 9 KB
9 KB 387ms
136ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/012/888/41979cddf901da9b48ad44f6de35e60c_210x150.jpg?v=1655722873
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: fe0abf3c4bd85393310780feb423d41c8886c3a9f5f36de8fb9153eacc572d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 20 Jun 2022 11:01:13 GMT
server: nginx
etag: "5c26e14261f6693a16c63a631f1b095f"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8883
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a3d98a3662856b646d86fc095ae62781_210x150.jpg
images.1plus1.ua/uploads/articles/001/008/148/ 7 KB
7 KB 783ms
581ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/008/148/a3d98a3662856b646d86fc095ae62781_210x150.jpg?v=1655371982
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 54aee54e1aa9fe5c4a304b2f16226324c09f0c422ff9a0bb9445cb858ae42197

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 20 Jun 2022 11:24:53 GMT
server: nginx
etag: "55da9297eabf499ca3883219deb05367"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 7345
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d48f1cbe6387468b87d5eb4a5a5e7ff9_210x150.jpg
images.1plus1.ua/uploads/articles/001/011/787/ 4 KB
4 KB 610ms
408ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/011/787/d48f1cbe6387468b87d5eb4a5a5e7ff9_210x150.jpg?v=1655706581
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5e38610da08b4ce64af08d5fb45a599b48369d6154f94cb607a69dbba7017a59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 20 Jun 2022 06:29:42 GMT
server: nginx
etag: "f4a2f621158c0470957205aac1ab427e"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 3608
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 786beb3d15a1f68fab39534a986a7812_210x150.jpg
images.1plus1.ua/uploads/articles/001/015/921/ 7 KB
7 KB 618ms
416ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/015/921/786beb3d15a1f68fab39534a986a7812_210x150.jpg?v=1655905643
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a465f8f64b04557d4b857f47133d7405afddf56e08011d751affe567133afdd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Wed, 22 Jun 2022 13:47:23 GMT
server: nginx
etag: "cf2056b009d84244578f56679872c221"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 7171
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 996bb0d4b6844d19461ac0394a197055_210x150.jpg
images.1plus1.ua/uploads/articles/001/025/341/ 5 KB
5 KB 550ms
347ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/025/341/996bb0d4b6844d19461ac0394a197055_210x150.jpg?v=1656833387
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cf625927327c24ad69bba582df478bf480a18cf643e813292073fb2d0ff6a8c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 03 Jul 2022 07:29:49 GMT
server: nginx
etag: "3d32cd3e8ca5c94a76e4f79400fd1355"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5039
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 be1e839a0fdfdaffccd4effdec4b6257_210x150.jpg
images.1plus1.ua/uploads/articles/001/012/330/ 8 KB
9 KB 404ms
202ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/012/330/be1e839a0fdfdaffccd4effdec4b6257_210x150.jpg?v=1655714317
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 98e39a85d1174c620ab799a1fd146e98394864d6ac1c94ee032217d982238145

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 20 Jun 2022 08:38:37 GMT
server: nginx
etag: "73b970f0d0148fe8f7155cacb1804a7b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8514
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7b06fe34bf7d9ce7553ada82faa00b0c_210x150.webp
images.1plus1.ua/uploads/articles/001/022/527/ 6 KB
6 KB 600ms
398ms Image
image/webp 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/022/527/7b06fe34bf7d9ce7553ada82faa00b0c_210x150.webp?v=1656507818
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ef7b9a12392620e93cbf0de3947b91ff2a05a32e6a4c61468adfa5befccf64eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Wed, 29 Jun 2022 13:03:38 GMT
server: nginx
etag: "888ee5b991f20be299975453227b4020"
content-type: image/webp
cache-control: max-age=315360000
content-length: 5896
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 77b73e35ea2d1cbaec66e2d14873a105_210x150.jpg
images.1plus1.ua/uploads/articles/001/024/978/ 5 KB
5 KB 680ms
478ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/024/978/77b73e35ea2d1cbaec66e2d14873a105_210x150.jpg?v=1656744476
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: aff07859ecbbac7c3e97c830c66c57764964a3dc12d0f8d14688bcaad8d976f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sat, 02 Jul 2022 06:47:57 GMT
server: nginx
etag: "cc555b6cc33e2ae9bfd237cf2068a565"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4962
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 81a3bbcb5a2cc712573e499e460c9df8_210x150.jpg
images.1plus1.ua/uploads/articles/001/024/888/ 6 KB
6 KB 610ms
407ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/024/888/81a3bbcb5a2cc712573e499e460c9df8_210x150.jpg?v=1656744360
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f7c4dd14f86219495debe24598115337ba14e4319dda983e869dfa9e1b29d63b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sat, 02 Jul 2022 06:46:02 GMT
server: nginx
etag: "21db2e214258083b196d6411518db427"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5720
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
47 KB 142ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23bc455e88fbf46b47c43d527b1ee2ebc56e78ddc2cd2e265db7a78b41fda2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47827
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK app.js Show response
1plus1.ua/build/js/ 315 KB
112 KB 72ms
72ms Script
application/javascript 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 11:37:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 11 Jul 2022 02:21:03 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ 895 B
2 KB 336ms
97ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e6ab2c1f9d44117b891343d44495f2f7bce4695d2390b57b6ddd7d6243e90828

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wrapper_hb_298309_4139.js Show response
player.adtelligent.com/prebid/ 786 B
747 B 127ms
41ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19177
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6030223b5a0f8cb565b817fed301a66ff90780dd7c180bc73cb1ae921d871a9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 21:48:41 GMT
server: nginx
etag: W/"62be1a39-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 02:21:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 325ms
141ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 08 Jan 2019 00:15:41 GMT
server: nginx
etag: W/"5c33ebad-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 344ms
114ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-07-04T02:17:03+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:25 GMT

GET
H2 200 hotjar-1437498.js Show response
static.hotjar.com/c/ 4 KB
2 KB 145ms
42ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

08eb23ff14f9a46ee4882c1d442cdd3c99385b8f3febcbed8ebe464688976320

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 50
x-cache: Hit from cloudfront
date: Mon, 04 Jul 2022 02:21:04 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/36d5cafe6981420c31511ee830e7e2e1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: y3lov70Hljv-TiW9C-hJoS84SjBs9Vd8C5fqzcmGwCyPWz3P99fYMw==

GET
H/1.1 200
OK 1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 70ms
69ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40500
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 38 KB
39 KB 135ms
134ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39364
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK dancingStars__slide.jpg
1plus1.ua/build/images/ 33 KB
34 KB 264ms
148ms Image
image/jpeg 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 09 Nov 2021 09:53:25 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34003
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK 1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 43 KB
43 KB 124ms
70ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43528
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 38 KB
38 KB 196ms
70ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 38848
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 291ms
151ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40576
Expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 996bb0d4b6844d19461ac0394a197055_770x420.jpg
images.1plus1.ua/uploads/articles/001/025/341/ 31 KB
32 KB 605ms
416ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/025/341/996bb0d4b6844d19461ac0394a197055_770x420.jpg?v=1656833392
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a97b6ad77b7b2d964adcf284bba0a1305fcc7eae64b28da2befe69f8656a411

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 03 Jul 2022 07:29:55 GMT
server: nginx
etag: "004925efb8d57265640ade95c6449020"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 32187
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7b06fe34bf7d9ce7553ada82faa00b0c_490x1050.webp
images.1plus1.ua/uploads/articles/001/022/527/ 34 KB
34 KB 600ms
412ms Image
image/webp 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/022/527/7b06fe34bf7d9ce7553ada82faa00b0c_490x1050.webp?v=1656507818
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f82740c25cd3082328eed81c5e2e08d0d6baf9d9c1ffcb772c42faab4ddcb84b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Wed, 29 Jun 2022 13:03:38 GMT
server: nginx
etag: "02e8eb640f48fd4ae73a74f744211503"
content-type: image/webp
cache-control: max-age=315360000
content-length: 34730
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 be1e839a0fdfdaffccd4effdec4b6257_770x420.jpg
images.1plus1.ua/uploads/articles/001/012/330/ 55 KB
55 KB 647ms
458ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/012/330/be1e839a0fdfdaffccd4effdec4b6257_770x420.jpg?v=1655714317
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 36cb7a40b0ac2e45a4e00c15135d9364ac253a99f7b0511ed6d54bc2de5154ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 20 Jun 2022 08:38:38 GMT
server: nginx
etag: "1842c88ee0f1b35a99d5fb2520eeb9f6"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 56380
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 77b73e35ea2d1cbaec66e2d14873a105_770x420.jpg
images.1plus1.ua/uploads/articles/001/024/978/ 28 KB
28 KB 332ms
143ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/024/978/77b73e35ea2d1cbaec66e2d14873a105_770x420.jpg?v=1656744477
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0d445a74d3a246cfcc740a2089396539a39b2a86534a69eeab2fb5bf9de93e9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sat, 02 Jul 2022 06:47:57 GMT
server: nginx
etag: "bdb65dc781173a3e2d018c4a74416871"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 28771
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 66 KB
67 KB 376ms
374ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 10 May 2022 11:23:34 GMT
server: nginx
etag: "fc7e2658bd1f9868a872f0295e5ecce9"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 67985
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 13 KB
14 KB 352ms
350ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 21 Feb 2022 15:10:07 GMT
server: nginx
etag: "b9d33f76e570821d980e3a7595b7f15a"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13745
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 13 KB
13 KB 364ms
362ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 07 Feb 2022 10:25:12 GMT
server: nginx
etag: "1e490b3e02de4533a0e0d3577347d4e7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13088
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 24 KB
25 KB 358ms
356ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 07 Feb 2022 13:10:49 GMT
server: nginx
etag: "3b63edeebc085c7329eb132a56399239"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25029
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 29 KB
29 KB 371ms
369ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 07 Feb 2022 09:11:08 GMT
server: nginx
etag: "a679dc9f06348d06073cc07e617ecdc8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 29355
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 4 KB
4 KB 297ms
295ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 14:11:56 GMT
server: nginx
etag: "f4a4cdc50a9738d9bf7bef45569acf60"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 3652
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 04 Jul 2022 02:11:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg
images.1plus1.ua/uploads/articles/001/002/739/ 4 KB
4 KB 369ms
367ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/002/739/a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg?v=1654869933
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Fri, 10 Jun 2022 14:05:35 GMT
server: nginx
etag: "e3a43907dfc1cb6010ff91134ac2525e"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4211
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c1216120fafc39242ef9765cdbaf30bc_140x140.jpg
images.1plus1.ua/uploads/articles/000/980/119/ 3 KB
3 KB 359ms
357ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/980/119/c1216120fafc39242ef9765cdbaf30bc_140x140.jpg?v=1653235122
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 22 May 2022 15:58:42 GMT
server: nginx
etag: "f2dccb03f9ca5a5fef8478c1e7099653"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 2844
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2786ec343e7e20b0048fa537131c925d_140x140.jpg
images.1plus1.ua/uploads/articles/000/885/247/ 4 KB
4 KB 365ms
363ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/885/247/2786ec343e7e20b0048fa537131c925d_140x140.jpg?v=1647507546
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3effdf31b5136947e397969ccf1951035ba74e528e6271f1d87b90b70ad846e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Thu, 17 Mar 2022 08:59:09 GMT
server: nginx
etag: "556966618b06ec01bda07959e09f46e4"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4344
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fc56fc7ba35d0d9e1bb58ecd5227c169_140x140.jpg
images.1plus1.ua/uploads/articles/000/833/425/ 4 KB
4 KB 414ms
412ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/833/425/fc56fc7ba35d0d9e1bb58ecd5227c169_140x140.jpg?v=1643635311
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7761c8d15ae844c050903b7fe2de9930f2709586657365ee629b68d280736726

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 31 Jan 2022 13:21:53 GMT
server: nginx
etag: "8ea9fdf7b3ae569f63a0488f18e9783d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4046
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 13 KB
13 KB 392ms
152ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 15 Jun 2021 14:24:39 GMT
server: nginx
etag: "a87fa4df91a2dc0e28d9c245f9b31a56"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 11 KB
12 KB 385ms
218ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 15 Jun 2021 14:24:45 GMT
server: nginx
etag: "2e74435d3edf5310a445de62177853fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11649
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 9 KB
9 KB 385ms
219ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 01 Jun 2021 10:56:33 GMT
server: nginx
etag: "5df517d83b1757de3cf407fdcd55b5a0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9392
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 8 KB
8 KB 319ms
217ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 01 Jun 2021 10:56:41 GMT
server: nginx
etag: "7ea4a7d31c835975e1e8be8db6f4f88c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8104
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 10 KB
10 KB 297ms
198ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 01 Jun 2021 10:56:28 GMT
server: nginx
etag: "c134988e94035ff0ee6cd435dde2c1e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10297
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0E33 11 KB
6 KB 115ms
114ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: b51b3fd769f6f90e1e3a40b9b412cbec4d8e2433ce6c3a86c0aba76f038b5edb

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Jul 2022 02:21:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
images.1plus1.video/card-5/muW5KxO2/ 10 KB
11 KB 214ms
131ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/muW5KxO2/fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 20 Feb 2022 21:21:45 GMT
server: nginx
etag: "a6b9b0f86e53737e95a49a0121b47c63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10570
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
images.1plus1.video/card-5/HaqwM4Sa/ 10 KB
11 KB 213ms
211ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/HaqwM4Sa/c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 13 Feb 2022 21:19:04 GMT
server: nginx
etag: "c7529270a49fbff3fad42166d1225751"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10565
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
images.1plus1.video/card-5/M2VnPLy2/ 10 KB
11 KB 145ms
143ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/M2VnPLy2/74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 06 Feb 2022 20:05:15 GMT
server: nginx
etag: "8f78ca40cd331ce47a33c3003c4c6d7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10557
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 6a4fde5b971645afc15d66c54d158c70.190x105.jpg
images.1plus1.video/card-5/ka5ZKpIR/ 10 KB
11 KB 260ms
258ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ka5ZKpIR/6a4fde5b971645afc15d66c54d158c70.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 30 Jan 2022 21:38:38 GMT
server: nginx
etag: "818106c2fe1e7dded51af88d14bf7db7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10556
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 d4c17987516ae4f0155d208d421bc5e7.190x105.jpg
images.1plus1.video/card-5/H24ZKETa/ 10 KB
11 KB 259ms
257ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/H24ZKETa/d4c17987516ae4f0155d208d421bc5e7.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ba742f176681a3603b31f011390722e48d49719c69a4d60584fe60bbaf29fb57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Sun, 23 Jan 2022 21:02:16 GMT
server: nginx
etag: "6711292593b1059d64720be2dff63419"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10538
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 11 Jul 2022 02:21:04 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 330ms
328ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 04 Jul 2022 01:10:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f151616dfa4225a5765c58f2fe77ae18_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/650/ 42 KB
42 KB 344ms
342ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18_755x500.jpg?v=1645530034
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 11:40:34 GMT
server: nginx
etag: "09e423317519e26fcd0c5fc1a026561b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42603
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 04 Jul 2022 01:10:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b179b1a345011da2f620df40a3fba89a_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/659/ 25 KB
25 KB 413ms
411ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a_755x500.jpg?v=1645530063
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 11:41:03 GMT
server: nginx
etag: "aa2b1236fb5ac10089d752b01f89bdfb"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25695
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 26 KB
26 KB 373ms
371ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 11:41:33 GMT
server: nginx
etag: "1aa71e70bddf3967c0297a3b71f6dbc7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 26725
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 348ms
346ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 35041
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 83ff7b55149114842e5483a7bee20364_755x500.jpg
images.1plus1.ua/uploads/gallery/000/862/984/ 42 KB
43 KB 352ms
350ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364_755x500.jpg?v=1645633339
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Wed, 23 Feb 2022 16:22:20 GMT
server: nginx
etag: "dabe971598e8a3e3683c6a552a2974ba"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 43269
accept-ranges: bytes
x-1p1-cdn: MISS; Mon, 04 Jul 2022 02:21:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 185ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Mon, 04 Jul 2022 14:21:04 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 239ms
65ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
138 B 240ms
77ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.3483959263702159
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 137ms
44ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79ddb902a60e533e2319d2de5a6e2af066eb3fb023546c67a4f4a4eea7c05210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2rGMqg70YsIqqFYKTwpwSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: CQ/UFY+aFFkwMx2L2O/Wd2wn9iFUoME3jeqPR020oFm+lr8SmKkw17PwR3v2cdUOdqhrtXTjyiqz/xW0FFnskA==
x-fb-trip-id: 686109401
x-fb-content-md5: 996e8b2585044ecdef59bcdaeb04f69e
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 02:21:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c4abf895fc5000cca30fb4f925affc0a"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Jul 2022 02:33:23 GMT

GET
H2 200 hbw_master_298309_4139.js Show response
player.adtelligent.com/prebidlink/460250/ 120 KB
30 KB 49ms
49ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19177
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4c90a683d54591d4ddfc8a9ddc958e811c19a0b564b600e862fdc2b7c7b5256b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 21:48:41 GMT
server: nginx
etag: W/"62be1a39-1df87"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 02:21:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 137ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

888110a74f51f0c1a4ebb68099d1967cdccce78f8396c109c66589728311e055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1263 / 860 of 1000 / last-modified: 1656713226"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0E33 171 KB
26 KB 135ms
135ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:55 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0E33 198 KB
69 KB 206ms
66ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:20:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0E33 103 KB
39 KB 134ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff078757e91cce22ca89cdcb1e6e9098edd89df232b1e4b98312942b16b4ee70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40366
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H2 200 modules.b4253c4a74219da558ee.js Show response
script.hotjar.com/ 243 KB
63 KB 140ms
44ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b4253c4a74219da558ee.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 10:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228478
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64087
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 10:52:14 GMT
etag: "bda2f6d20c6ee79ecef8722dadf19aea"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: odL9HKnBMya2MGk_BD6qGVdHdN6k3lQoiWF_WWJToHQmlx-ZTz8tEg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4575
date: Mon, 04 Jul 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 03:04:49 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 339 KB
120 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c60b494be930d9e88a69441e91009240d7c601e478cc29015322ee224422f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122421
x-xss-protection: 0
server: cafe
etag: 14241370678484154125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 7C95 10 KB
5 KB 137ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hb_298309_4139.js Show response
player.adtelligent.com/prebidlink/ex19177/ 374 KB
115 KB 57ms
56ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 20449e789ae23b4c7ce8ac8822da7293591708bb9199ba89d662c5aefd5c897e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 10:56:59 GMT
server: nginx
etag: W/"62bd817b-5d9c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 06 Jul 2022 02:21:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 139 B
404 B 220ms
26ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 536d3e3143304d5b269dee2eca1defcd7c409be2ee5c41aefc23226095c5398a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 220ms
27ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=648dsh.ok&features=16416&vpbv=N066&lifecycle_tte=1114
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ 108 KB
33 KB 181ms
135ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:16 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 03D1 2 KB
1 KB 130ms
40ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-117.fra60.r.cloudfront.net

Software

Resource Hash

f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 240065
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jul 2022 07:39:59 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id: d4ToDeaZkm4478Fdx-K7x2V_JUOAWc2YtuskgDuvmMCo4sW3P9WWNA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 154ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-9111367348737651&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28cb680f486692048141cc8d4577451f3509ebd757594abfd2befcf0940aa385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
792 B 140ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 176ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FBE 603 B
68 B 151ms
66ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1656901264&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656901264316&bpp=2&bdt=557&idt=186&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8537337792461&frm=20&pv=2&ga_vid=2063326827.1656901265&ga_sid=1656901265&ga_hid=1268243086&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31065741%2C31068196%2C31068309%2C42531605&oid=2&pvsid=84074762634372&tmod=898549037&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:04 GMT
expires: Mon, 04 Jul 2022 02:21:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 71ms
70ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=984945&h=2&m=21&s=4&url=https%3A%2F%2F1plus1.ua%2F&_id=d8cd8622d10c66e9&_idts=1656901265&_idvc=1&_idn=0&_refts=0&_viewts=1656901265&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=207

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0E33 898 B
2 KB 86ms
86ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1656901264556
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 296cc6659eb2eb974d7c640f6e17c377d4a084a2f3df986d0c265dba2a73d8e0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0E33 123 KB
45 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4ac8e0e1b5c8c343601c37b07d456d9de4027138415fb81fa63c9b06cded148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46332
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 02:21:04 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 285 B
552 B 31ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437381
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 248

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame 7AA9 738 B
510 B 105ms
103ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 04 Jul 2022 02:21:04 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:25 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc30

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/46506/ 23 KB
8 KB 110ms
108ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:15 GMT
server: nginx
etag: W/"6282426f-5d41"
vary: Accept-Encoding
x-cached-since: 2022-06-21T14:43:36+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 22 Jun 2023 14:43:36 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/46506/ 75 KB
20 KB 120ms
119ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Mon, 04 Jul 2022 02:21:04 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:04 GMT
server: nginx
etag: W/"62824264-12c39"
vary: Accept-Encoding
x-cached-since: 2022-06-21T14:43:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 22 Jun 2023 14:43:19 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b8b1ed26-78ef-4365-aa13-d23cdc14f7ec

0
407 B

566ms
289ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b8b1ed26-78ef-4365-aa13-d23cdc14f7ec
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: VertaMedia 1.0
Etag: 5d36643577a3e139
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b8b1ed26-78ef-4365-aa13-d23cdc14f7ec
date: Mon, 04 Jul 2022 02:21:04 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2

200

%7Buid%7D
sync.pubwise.io/usersync/adtellsspban/
Redirect Chain

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

43 B
92 B

94ms
94ms

Image
image/gif

147.75.198.217
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 147.75.198.217 Tokyo, Japan, ASN54825 (PACKET, US),
Reverse DNS: sync-1
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
server: nginx

Redirect headers

location: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
date: Mon, 04 Jul 2022 02:21:05 GMT
server: nginx
content-type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0E33 49 KB
20 KB 116ms
57ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4575
date: Mon, 04 Jul 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 03:04:49 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 58ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 7cad3fc55004252e1248b88c496b574f5cfdf57188d88989544f4a81ccf2c6f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Wed, 03 Aug 2022 02:21:04 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 5694 5 KB
3 KB 230ms
95ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 46b5ebf7f40bb13bd710006ae54cb96f850805450f5450484964454a5656d287

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2725
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:04 GMT
etag: PRIVATE7520710249
expires: Wed, 03 Aug 2022 02:21:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0E33 108 KB
33 KB 291ms
201ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1656901264556
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:16 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 300 KB
86 KB 95ms
53ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=9bbdc6bb2988339c8e6b0f62979fbab4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cb5d9faee285dc3a08d39d8ce31c83db8b5d5910e90bf3e3397b3a4c90d6ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ht1DUA65PijkioZgNkUSFw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87678
x-fb-rlafr: 0
x-fb-debug: tj/fSFPblch9dgIZXS6z6qcGTapEvq/B8ZsR37oCtnPCOraqPwAEGhhLTUxU+CKO6ZXmzcN6nAvjJHR8Q9HRow==
x-fb-content-md5: 638bd1ff4f8dbd6eb525ab2bb9b759c1
x-frame-options: DENY
date: Mon, 04 Jul 2022 02:21:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f80665ced71608f8318e0b566f13dcc1"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Jul 2023 02:05:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 191ms
72ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1268243086&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=941056382&gjid=1288677769&cid=2063326827.1656901265&tid=UA-22507043-9&_gid=1031868237.1656901265&_r=1&gtm=2wg6t0PWKM5Z&z=928692027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 158ms
72ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1268243086&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1268036162&gjid=301401930&cid=2063326827.1656901265&tid=UA-113262294-1&_gid=1031868237.1656901265&_r=1&gtm=2wg6t0PWKM5Z&z=666530549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022062801.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 235ms
51ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 14:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130514
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:35:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 03 Jul 2023 14:37:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
742 B 235ms
52ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 91ms
91ms Script
application/javascript 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
last-modified: Mon, 02 Jul 2018 17:26:53 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b3a605d-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ 56 KB
9 KB 90ms
90ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t176401781202
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:21:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 925 B
994 B 166ms
51ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1656901264919/
Redirect Chain

https://gaua.hit.gemius.pl/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2...
https://gaua.hit.gemius.pl/__/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.u...

169 B
471 B

166ms
166ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cJ3L2kFlOCNuJKfWs3pFMLXsHo2pCZLhTzGPU2j6m13.u7xHPPQHaaIhiPUzbfWOn8nJd5UjRr7QXCKPRa.l2c2v6Hut/ZDH3DYaMeLVAg/&ltime=291&fpdata=WLgaFqfIAAuQv3Hgpu91xqUvxwqW5P0_lBpWPdu6k2P.U7&fpcap=
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 121ba6e535d032b52c9aeed68743ea7b7ba89bef6eed3a4bb6bf78e2ae474003

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sun, 03 Jul 2022 02:21:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:04 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1656901264919/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cJ3L2kFlOCNuJKfWs3pFMLXsHo2pCZLhTzGPU2j6m13.u7xHPPQHaaIhiPUzbfWOn8nJd5UjRr7QXCKPRa.l2c2v6Hut/ZDH3DYaMeLVAg/&ltime=291&fpdata=WLgaFqfIAAuQv3Hgpu91xqUvxwqW5P0_lBpWPdu6k2P.U7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 03 Jul 2022 02:21:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 162ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1656901264922&sw=1600&sh=1200&at=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame B7D5 3 KB
1 KB 73ms
73ms Document
text/html 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 02:21:04 GMT
etag: W/"5b310387-b5f"
last-modified: Mon, 25 Jun 2018 15:00:23 GMT
server: nginx/1.13.0

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t176401781202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 02:02:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 02:21:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 02:21:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 109ms
33ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22507043-9&cid=2063326827.1656901265&jid=941056382&gjid=1288677769&_gid=1031868237.1656901265&_u=YAhAAEAAAAAAAC~&z=340954817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e3ea156c91e5bd4f4ba41e6bb96d65b5b75f36e2afb3b33522b6deb06aa1b19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 02:21:05 GMT
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0E33 56 KB
9 KB 80ms
80ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t364103361993
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:21:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 0E33 925 B
646 B 73ms
51ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
131 B 363ms
65ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=4692B548981F444F8B0860A7252DC044&time=1656901264893&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=35013718&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
229 B 67ms
65ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=4692B548981F444F8B0860A7252DC044&time=1656901265042
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0E33 5 KB
740 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t364103361993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 01:22:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 02:21:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 397 KB
148 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:26:39 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0E33 397 KB
147 KB 172ms
86ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:26:39 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 135ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=2063326827.1656901265&jid=941056382&_u=YAhAAEAAAAAAAC~&z=2124356939

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ae/ads/ 42 B
501 B 136ms
50ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ae/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=2063326827.1656901265&jid=941056382&_u=YAhAAEAAAAAAAC~&z=2124356939

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 104ms
33ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b970b1fb15a609a48ce9e68536d4795ed2e3294549fc05eed0bec59f62b574ee

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
last-modified: Sat, 02 Jul 2022 00:02:17 GMT
server: nginx
etag: W/"62bf8b09-1173"
content-type: application/json
access-control-allow-origin: https://1plus1.ua
expires: Wed, 06 Jul 2022 02:21:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
122 B 128ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
46 KB 378ms
299ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=84074762634372&correlator=74919174968632&eid=31068159%2C31068294%2C42531605&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-38&ecs=20220704&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie=ID%3De25bbca02a49bcec-22db3bffc4cd0057%3AT%3D1656901264%3ART%3D1656901264%3AS%3DALNI_MZMK_Rz9AsC2sihCFxEFv-iALErmQ&gpic=UID%3D0000082a807b8525%3AT%3D1656901264%3ART%3D1656901264%3AS%3DALNI_MZI4BG7zASWJGD0ZiqGA_zI2ww_ig&abxe=1&dt=1656901265207&lmt=1656901265&dlt=1656901263759&idt=1417&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2063326827.1656901265&ga_sid=1656901265&ga_hid=1268243086&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ccc34ccca1022c23dbe7b887699bd833054fe8b8fcd31dcd36f51c76f442c6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47295
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 472D 6 KB
4 KB 170ms
47ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Tue, 04 Jul 2023 02:21:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022062801.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 116ms
40ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022062801.js?cb=31068294

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

96fa53f5c7ee449368b95af8f9b354851f7f47ef24a30c820df6fdfeabab17ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 10:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13583
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:35:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Jun 2023 10:43:29 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
249 B 60ms
60ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Mon, 04 Jul 2022 02:21:05 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
271 B 111ms
36ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Mon, 04 Jul 2022 02:21:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 113ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=4720125211

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 212ms
130ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Mon, 04 Jul 2022 02:21:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
8 KB 233ms
158ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ecc2c6a125ce84a408d53fa9fabf2cf6f5be01e99d620a89b5ad922fad689c33

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.108; 5.187.21.108; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 91ca5d00-437f-46bb-894f-6bc89b6c424e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
375 B 104ms
32ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4bd81a2a-7024-4a03-9239-bc74402c925a%2Ce0bccac1-ea0a-42cc-9d4d-765b942b3d94%2C78956e7d-378c-4ac2-8422-1d42e5ab7349%2Cd890a421-80dd-4d0e-8927-a6171d9bad31%2Cecaba6f0-f24e-4d56-8792-a9ea527346a6&nocache=1656901265255&pubcid=86b27987-dd71-4121-a089-327c9eba49c6&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-0288026996%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-02003184821%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-02003184821%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-02003184821%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: da2cc9b499be1080e005553fb99c124cc4e1e3bbffeaae7a86f507c3e5b512ef

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://1plus1.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 113ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Mon, 04 Jul 2022 02:21:05 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250...
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250...

458 B
868 B

35ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=86b27987-dd71-4121-a089-327c9eba49c6
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2b229fa865eb106077d1b9911b836203ccb3f38a234b07b4f5a7254b6274ae54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
expires: Mon, 04 Jul 2022 02:21:05 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 458
x-sid: AMS-746

Redirect headers

date: Mon, 04 Jul 2022 02:21:05 GMT
server: openresty
access-control-allow-origin: https://1plus1.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.8590668362379317&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&e_pubcid=86b27987-dd71-4121-a089-327c9eba49c6
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-746

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 977 B
1 KB 132ms
45ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

3b8c6f1c219043fcc2be07cb64df80eb52ee96a9ea36943c82c47fc2dd15e844

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 977
X-Xss-Protection: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
524 B 128ms
52ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

bc2abfe139e2fdbc14796440a1208a90ee2d40afa2c233ff6d9714bf00b587f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:05 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 238ms
90ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4bd81a2a-7024-4a03-9239-bc74402c925a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.14276049603857932
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b69757d5a23efa1f5b7a3d1eed944adce23b55e8c0f932c5e81b90dd3de0daaa

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 274ms
126ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e0bccac1-ea0a-42cc-9d4d-765b942b3d94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&slots=1&rand=0.9847358262798298
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e91cf6288ec4ed853e2739d3729f72b39bd8e88776fda20b457898388799627d

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 240ms
91ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=78956e7d-378c-4ac2-8422-1d42e5ab7349&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.8287171184692028
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3261dfa5cad802f2a2e130c487ddae485cc6cee37610e285f1e936452cb74793

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 413ms
264ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=d890a421-80dd-4d0e-8927-a6171d9bad31&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&slots=1&rand=0.40390912412824065
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0775d845477ec67d30df12f018643cd5ef6021da70d54ec1772ffee13e17acf9

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
677 B 29ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 1a0bd43d72cdb652130131bebb879e21ff9055366fc96fc5ff9c8a3acb943a26

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 373

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
637 B 176ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e0df990919deefea7970a067bc4883d7d0b0a4271758cf451db2806766776c6e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 333

POST
H2 200 i Show response
ads.adnuntius.delivery/ 7 KB
2 KB 229ms
158ms XHR
application/json 2606:4700:3030::6815:5525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f99dd979ee36413f4963de1246116ebeaab845a8975c94e6f5b87bbd973116a3

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 4d408c3df1a959a7c4f330d1beb24d20
x-adn-backend-server-id: h6412ed8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1265
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgcQmtJk6tPcf%2BsFnwUBQhGvsjVp54okiYmvz4XRSQnblNt3osn0o6MhIgOv0JzH3cJpSMnrvrnGXijHes9KkuUPb%2BxeX%2Bor%2FfyfE9Wy8wMyS7hs5CmD9zfoevp4T3T%2F0hq8xO9aShvPqICpSl2gJVJ0i6Xd"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 725462ac6a18741f-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 125ms
39ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://1plus1.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 96ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=19569784465

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 02:21:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
1 KB 235ms
90ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4bd81a2a-7024-4a03-9239-bc74402c925a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.6316447205836848
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cd4ca82fa113fe41ab63699d0d37379b829ef235db6ccc4d77a13aa84f1bb03e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 325
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 249ms
102ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e0bccac1-ea0a-42cc-9d4d-765b942b3d94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&slots=1&rand=0.8288783168448048
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc8da5d75140640d8da53492b5070f6ea34c9c1a1c1b53f3069cca26d4bdac01

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 325ms
91ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=78956e7d-378c-4ac2-8422-1d42e5ab7349&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.6821932621062681
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 33b8ded1db2bd4f9a1a277b066392692c7bf16d47959e31ac402661fdf5ef167

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 500ms
264ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=86b27987-dd71-4121-a089-327c9eba49c6%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=d890a421-80dd-4d0e-8927-a6171d9bad31&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02003184821&slots=1&rand=0.9852944047471888
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ab87721d1d1e549f3e63fc4500cbcd57774d725a989058eb89a50303500842d7

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0E33 153 KB
53 KB 69ms
69ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:18:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 131ms
51ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

380e0c01b9199463a9871a0eb5a39a50919e13cc85d027cf8b9733dcd35c99dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 65ms
65ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 04 Jul 2022 01:10:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f151616dfa4225a5765c58f2fe77ae18_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/650/ 42 KB
42 KB 67ms
67ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18_755x500.jpg?v=1645530034
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
last-modified: Tue, 22 Feb 2022 11:40:34 GMT
server: nginx
etag: "09e423317519e26fcd0c5fc1a026561b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42603
accept-ranges: bytes
x-1p1-cdn: HIT; Mon, 04 Jul 2022 01:10:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0E33 11 KB
6 KB 108ms
107ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 9804388cba17d2c3d7a1151cd43e79ce3d6b5ff470cef3f85fd2669c12ceacd5

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Jul 2022 02:21:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0E33 112 KB
0 91ms
90ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:05 GMT
expires: Mon, 11 Jul 2022 02:21:05 GMT

GET
DATA 200
OK truncated
/ Frame 0E33 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0E33 0
0

GET memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0E33 0
0

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0E33 22 KB
6 KB 56ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Mon, 04 Jul 2022 14:21:05 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0E33 3 KB
2 KB 95ms
94ms XHR
application/json 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t587429833633
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 420acc2ce36c2f0c592b45eac0a8d66ccd940200b89134883a63ff2c224d823c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET gemiuslib.js
gaua.hit.gemius.pl/ Frame 0E33 0
0

GET api.chat.0.0.1.js
api.1plus1.video/static/js/ Frame 0E33 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0E33 0
0

GET b1ac6f7602909d192d06385c796ae330.220x330.jpg
images.1plus1.video/playlist-1/96592/ Frame 0E33 0
0

GET 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0E33 0
0

GET e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0E33 0
0

GET 19a348d8fe46d988addecabea5bddcd4.220x330.jpg
images.1plus1.video/playlist-1/70406/ Frame 0E33 0
0

GET 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0E33 0
0

GET 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0E33 0
0

GET 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0E33 0
0

GET 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0E33 0
0

GET fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0E33 0
0

GET 68f1d6db63b02b275cfc2427fb1527bd.220x330.jpg
images.1plus1.video/playlist-1/229/ Frame 0E33 0
0

GET f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0E33 0
0

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0E33 171 KB
26 KB 70ms
70ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:55 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0E33 198 KB
69 KB 137ms
136ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:20:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0E33 103 KB
39 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff078757e91cce22ca89cdcb1e6e9098edd89df232b1e4b98312942b16b4ee70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40366
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 168ms
61ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_fy2019.js?bust=31068309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H3 200 container.html Show response
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 64BA 6 KB
3 KB 122ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Tue, 04 Jul 2023 02:21:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1892 13 KB
5 KB 132ms
46ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 23740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 19:45:25 GMT
expires: Mon, 03 Jul 2023 19:45:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5509 783 B
533 B 55ms
55ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78aa9e144f1e30e5739fa73d9ad4dbd01e06853dac52a3267ed0b4345a9e316e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dlp2EZaghLolnj-QmLn1KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Dlp2EZaghLolnj-QmLn1KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Mon, 04 Jul 2022 02:21:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame 64BA 4 KB
636 B 134ms
56ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 01:00:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 02:21:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DD58 2 KB
902 B 119ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 00:56:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame DD58 21 KB
8 KB 96ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 00:16:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DD58 3 KB
1 KB 94ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 01:59:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD58 138 KB
42 KB 142ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DD58 17 KB
7 KB 103ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 02:06:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DD58 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS79BdF17b7zPpjx25FIjkAjVXi9H5a643zEMeHE-UcRuzcUht-97bcR5DgaZjV0MzIJZ1Btq4tYEP9Bn89rKk3z_tSvw
Requested by: Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame DD58 31 KB
13 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 12:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 12:45:57 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 64BA 19 KB
8 KB 112ms
65ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 01:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 01:22:29 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 64BA 205 B
229 B 117ms
40ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:18:28 GMT
x-content-type-options: nosniff
age: 10957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jul 2023 23:18:28 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 64BA 604 B
628 B 129ms
52ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 17:47:54 GMT
x-content-type-options: nosniff
age: 30791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jul 2023 17:47:54 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0E33 898 B
2 KB 96ms
95ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1656901265806
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 338c4f1f2a838c436f7bc2edc15b10fa69acafbb1fe9e6d1417d358c48939001

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0E33 123 KB
45 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18ca855b34e8088b569c94341610b79cb68a708fa3f4a707eea6f2bd55d7089d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46334
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0E33 49 KB
20 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4576
date: Mon, 04 Jul 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 03:04:49 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 KB
64 KB 797ms
796ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=84074762634372&correlator=356048920912054&eid=31068159%2C31068294%2C42531605&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C2969865101%2C3836652839%2C3477903051%2C2198103003&sfv=1-0-38&ecs=20220704&fsapi=false&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1519059092931-1%26is_vmhbmp%3Dtrue%26hb_override_id%3D610102%26hb_buyer_id%3D6515%26hb_r_id%3D24d34bcc06c030b%26hb_site_id%3D4139%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D13.10%26hb_adid%3D9805fd15e56d5da%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26hb_div_id%3Dapi-gpt-catfish-wrapper%26is_vmhbmp%3Dtrue%26hb_override_id%3D610110%26hb_buyer_id%3D6515%26hb_r_id%3D26057f91688192d%26hb_site_id%3D4139%26hb_native_icon%3Dhttps%253A%252F%252Fcdn01.basis.net%252F112100%252F112053%252FxHHZL0j3w4SM5DQW.png%26hb_native_image%3Dhttps%253A%252F%252Fcdn01.basis.net%252F112100%252F112053%252FfUU6TWnnomzp7B5G.png%26hb_native_linkurl%3Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackclk%252FN428001.3027484BASISDSP%252FB28046834.339929458%253Bdc_trk_aid%253D531665840%253Bdc_trk_cid%253D173832590%253Bu%253D488843%25257C6266411231064841913%25257C%25257C1plus1.ua%25257CQUADIENT005CP_%25255BCTR%25255D_Display_Geo%252528National%252529%25257CWEB%25257C2151486%25257C6104041%253Bdc_lat%253D%253Bdc_rdid%253D%253Btag_for_child_directed_treatment%253D%253Btfua%253D%253Bltd%253D%26hb_native_brand%3DQuadient%26hb_native_body%3DDownload%2520the%2520most%2520popular%2520guide.%2520You%27ll%2520have%2520everything%2520you%2520need%2520to%2520make%2520the%2520right%2520decision%2520-%2520right%2520at%2520your%2520fingertips!%26hb_native_title%3DPostage%2520Meter%2520Buyer%25E2%2580%2599s%2520Guide%26hb_format%3Dnative%26hb_size%3D0x0%26hb_pb%3D11.00%26hb_adid%3D9970daefb1459e8%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252F1plus1.ua%252F&sc=1&cookie=ID%3De25bbca02a49bcec%3AT%3D1656901264%3AS%3DALNI_Ma5RZ1sukxQ_cPbhyxk81vLQ9lJyA&gpic=UID%3D0000082a807b8525%3AT%3D1656901264%3ART%3D1656901264%3AS%3DALNI_MZI4BG7zASWJGD0ZiqGA_zI2ww_ig&abxe=1&dt=1656901265841&lmt=1656901265&dlt=1656901263759&idt=1417&biw=1600&bih=1200&adxs=299%2C983%2C315%2C983%2C80&adys=686%2C2374%2C4431%2C4960%2C1020&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=2063326827.1656901265&ga_sid=1656901265&ga_hid=1268243086&ga_fc=true&btvi=0%7C1%7C2%7C3%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9b02749b81bd30a9e80864ceb21e4f68a3b8b3727fbbee10165c0b181c1bdfb2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSGiZuW3vgCFcV24Aodh-MJlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13665046492732844651/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKGiZuW3vgCFcV24Aodh-MJlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9398474255730865772/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSGiZuW3vgCFcV24Aodh-MJlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13665046492732844651/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKGiZuW3vgCFcV24Aodh-MJlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9398474255730865772/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
google-creative-id: -1,-1,138272579647,-1,138272579770
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65170
x-xss-protection: 0
google-lineitem-id: -1,-1,5083406588,-1,5083352054
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 04 Jul 2022 02:21:06 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5509 0
0 79ms
78ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=84074762634372&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0E33 108 KB
33 KB 69ms
69ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1656901265806
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6059 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 46493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 04 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 1892 36 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 01:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 01:42:02 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6059
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1&google_push=ARnp8GDeTT86C6orZOkYulFWMRYC9-pYElDjECuG5Im-pSOpzUbQlS07xBECf1h4O9RBG2nR9sP5-T2yvs1YeOlsCfh5WN9Pm5E
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkyNjQyNDA3NDE0MjY3MTA5OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1

43 B
398 B

60ms
33ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC2P-0dfZB7k7DQyVwhyRDA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3pVV215cDExTzhiSFk1&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhu...

170 B
188 B

82ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3pVV215cDExTzhiSFk1&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhuHUN7EYYOOytVTTih9tV3Z33DeBbuheOFHwHYZVYqZikw5LIhzdQJq

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:05 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0ec0c6ff59ec4bd79@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3pVV215cDExTzhiSFk1&google_gid=CAESELzf5omyKR7KuJdsS8LOioA&google_cver=1&google_push=ARnp8GAuOlr-RCNuW69Mqo7fGedHkOLDS6ZHhNH0Pv54xhuHUN7EYYOOytVTTih9tV3Z33DeBbuheOFHwHYZVYqZikw5LIhzdQJq
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL5zKaNhxk7Z_ofjZb_rh2A&google_cver=1&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-hed9HkWcMgS0

170 B
188 B

126ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-hed9HkWcMgS0

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Jul 2022 02:21:06 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAgpsgVzMvuMWAIGAMmcna0wheG3IkZQRBHRkoVteCOXGIUGJEaoulTO38KnkKBxCqEz5fCB4nU-_6PJSy-hed9HkWcMgS0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 04 Jul 2022 02:21:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKuh5hEQZcvK3NSXN2q78h0&google_cver=1&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U4JGrR&google_hm=MzExMTA2NTk3OTM3MDQ1MT...

170 B
329 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U4JGrR&google_hm=MzExMTA2NTk3OTM3MDQ1MTc4NA%3D%3D

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Jul 2022 02:21:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDfl10-QKvFl8RDHMrBsczvVbV_FuQgZ4JFO14xC-giqs5ON36SR1ry9M1zeBV_Wsq0J2hSHBbJRO0UomLS96VG4-U4JGrR&google_hm=MzExMTA2NTk3OTM3MDQ1MTc4NA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEO59nEZc4_Sn0iV1Q7izoK0&google_cver=1&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxX...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO59nEZc4_Sn0iV1Q7izoK0&google_cver=1&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKG...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s

170 B
188 B

67ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBGyE_r-c8yiNvurRtCLVtGceo2SHpUlWM0sdGTplES6FGzFtCnbcWPpbkIokIlJmUg56oHJRcv_Nd6gc_FTtMKGxXgN1s
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_hm=YsJOktFmdcWRqLEGyGo8JwAACgMAAAAB&google_nid=index&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8T...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_hm=YsJOktFmdcWRqLEGyGo8JwAACgMAAAAB&google_nid=index&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8TB_68c41SxiYVZrpXFN_bkqddutB_AuubRAHXWXZ3yHmIeMUWmmMrrjvsOIpYEz5

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBQbtz02sUvKxpka354AEPMJEOYBOZUOdgEMCQg1JiQRjVYB24gTCEgim2kdY1%2F47PYXLq1cVBmxLjASIMNxjzGN9srNs8IVsZi%2FE7KIsgiG%2Fh2Jmua0MDuToSV6H7KGeI3TBqV953mBOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDCwnarYqXtT6XVzYRxWtD8&google_hm=YsJOktFmdcWRqLEGyGo8JwAACgMAAAAB&google_nid=index&google_push=ARnp8GCcvXCkFf-HaW9NvVAmilLO170vZ8_8TB_68c41SxiYVZrpXFN_bkqddutB_AuubRAHXWXZ3yHmIeMUWmmMrrjvsOIpYEz5
cache-control: no-cache
cf-ray: 725462b2293076e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6059
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGH29RzP7jp35c8Lj-BxV1Y&google_cver=1&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCS...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGH29RzP7jp35c8Lj-BxV1Y&google_cver=1&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCS...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4&google_hm=E6rtKGZH6hokrbkvRfWZNCq6

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4&google_hm=E6rtKGZH6hokrbkvRfWZNCq6

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Jul 2022 02:21:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GDiXXDnwRy28cXzrqm6yYc_vXwOUWduw861vTGWOsy5Jn1EofWHyTpRpUuhJwT5HlcvY8CLbMnIAKMqHixCSFKBAo8v6oH4&google_hm=E6rtKGZH6hokrbkvRfWZNCq6
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6059 0
232 B 149ms
46ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIWrV1ZXWUltAyqBzweSuQHFPoKMQRhaIL2o1xoek4oKdBGgpUONForBZQBRZvN1fVeygs

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0E33 56 KB
9 KB 69ms
69ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1438814261395
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:21:06 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 27ED 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 07:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 07:04:31 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 0E33 925 B
602 B 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1892 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f-jpIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0E33 5 KB
667 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1438814261395

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 01:23:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 02:21:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0E33 397 KB
147 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:26:39 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0E33 153 KB
53 KB 68ms
68ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:18:22 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0E33 475 KB
476 KB 77ms
76ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
DATA 200
OK truncated
/ Frame 0E33 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0E33 24 KB
24 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:10:55 GMT
x-content-type-options: nosniff
age: 540611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 20:10:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0E33 44 KB
44 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 528537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 23:32:09 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0E33 22 KB
6 KB 55ms
55ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Mon, 04 Jul 2022 14:21:06 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0E33 3 KB
2 KB 115ms
115ms XHR
application/json 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t672257234994
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 52a0e22d16803d4e51088788ed33270265457717d1d64145905ed3abcd9d792e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 0E33 50 KB
13 KB 67ms
66ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 2cb0ec77d4a1357c426f57e0902f8e2dca5ba6c33937990a15be829288d4823e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 13494
expires: Mon, 04 Jul 2022 14:21:06 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 0E33 33 KB
13 KB 131ms
131ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 02:21:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 03 Aug 2022 02:19:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0E33 373 KB
125 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=58c2a35b92274ef0dc1c7f6cce597b04ab0c50de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126951
x-xss-protection: 0
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0E33 91 KB
91 KB 131ms
125ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93213
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0E33 10 KB
10 KB 91ms
84ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Fri, 27 Oct 2017 06:57:22 GMT
server: nginx
etag: "0d77b2184841ac8a117fae5b4a32808f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9804
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 19a348d8fe46d988addecabea5bddcd4.220x330.jpg
images.1plus1.video/playlist-1/70406/ Frame 0E33 83 KB
83 KB 90ms
84ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/70406/19a348d8fe46d988addecabea5bddcd4.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6e1fab0987211581657a25273dce874d533e7aec592668da6e72ef855ad0759c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Wed, 03 Mar 2021 14:22:50 GMT
server: nginx
etag: "ccd267cf844bad94a287cbf9cf26821e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85082
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0E33 21 KB
22 KB 129ms
124ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Mon, 04 Jan 2021 09:14:05 GMT
server: nginx
etag: "327c4784d853ead9eb1f0309f353b8d9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21916
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0E33 9 KB
9 KB 99ms
95ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/172/200x335.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Fri, 27 Oct 2017 06:55:21 GMT
server: nginx
etag: "0f22fa88b853950fb893bc821641989a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0E33 82 KB
83 KB 120ms
116ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 84258
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0E33 84 KB
84 KB 138ms
135ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85922
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 68f1d6db63b02b275cfc2427fb1527bd.220x330.jpg
images.1plus1.video/playlist-1/229/ Frame 0E33 118 KB
119 KB 100ms
98ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/229/68f1d6db63b02b275cfc2427fb1527bd.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a3eb4ecc51f5edd11da1af7ad648fb4ff5efda6460f4c1584903390d82a8ddec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Tue, 04 Jun 2019 10:01:26 GMT
server: nginx
etag: "8844ae94e5155e3c5e8df6159529af3a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 121065
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 b1ac6f7602909d192d06385c796ae330.220x330.jpg
images.1plus1.video/playlist-1/96592/ Frame 0E33 63 KB
64 KB 100ms
97ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/96592/b1ac6f7602909d192d06385c796ae330.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 23f6147ca5720cc69303cdbdf8ddeb002ec83b6eb14d3c914d16f965b792b32e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Mon, 29 Mar 2021 06:16:13 GMT
server: nginx
etag: "7fce4d861b6eeccb81f0a025c5d3765c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 64943
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0E33 77 KB
78 KB 146ms
143ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 79302
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0E33 73 KB
73 KB 161ms
159ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 74890
accept-ranges: bytes
x-1p1-cdn: BYPASS; Mon, 04 Jul 2022 02:21:06 GMT
expires: Mon, 11 Jul 2022 02:21:06 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 0E33 281 B
353 B 55ms
55ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: b909b4a146f98b3df02d19a45056c848c2a610df5752180c92c2afeef3548980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Wed, 03 Aug 2022 02:21:06 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 9E30 5 KB
3 KB 58ms
58ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 0c6d7c39a50745368a2c1566bd478cb60be5807a949674f42c5ac34a1dbc854f

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:06 GMT
etag: PRIVATE7520710249
expires: Wed, 03 Aug 2022 02:21:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=84074762634372&bg=!zs2lzYnNAAaLlKKnq5Q7ACkAdvg8Wuk029KfpIfV0siQHslFMW92xjMtdJfPLKQBISqISksP3h8TfAIAAACoUgAAAAJoAQcKAFMRzBaesbtQWW2_qGXNxWdNgCo7iWYPcUa5XP0lOyVeXODEcR3a7bfmj9mPrbqdMpFm_DOuSOTcGFnmNXjZ1Y7nKQDNJAAfNhbjZCxvJi9r-UKpl5kCj0lyKtQrcXDy4FB-1S2kr-zPIpTsoeRs2m8Ek8MGIeK6v5qHFdma2Ojh1tL6aOpKnYy-UsVNXLm3GFlaF-vDdSCCKQaehgCk57YGUB2_RG8zj5_xQuPCe9PRub86_5EFUZ0EFh9sBAQlrn2no7npVVdjXuxJS1z5IJKRHM8QoJSPm206cYlya6AucJos1y3OwpEZ_1CkHBV1h24GeiXnMTIesluHR4foCg_HtUJzP2-FPK1um2UPaYR9V5EIYPZ3VqSzfwfvNlXGcq1BogHJSM990xVQ9XInOm4LMccUnUOvfUUu_cqEjdYQKztddIerLTyeQOFiw5teLknvvHVMk7d8NnuNrPGrHl-sQt4stHBOddNA9pIFkaiERghqvjcnsaxI_QLjuqhxxJ9qTz539TmJ258fyTCqrQeeYS14l4N4I0VrcX-WrlHww2Jx7r6LexwetYfJMZY7RdZTbQ1wrI_gS3jIPhqjuGtywLGnhGjO9Exm1OQMEPswuH36hjiaH0ybk_iT1VFy6NZiUoCfFiKIA9feYxy3FqVpM7zvKs25HIYQwHuJQsvURSLcHWz4UdXn3eZWim8oS8c0H1XtwCvWWrnhYW--UU1Wd6v5gCcu1EKr7vt7wEaVqUhTJ7IBaL9zWqn3lX_ZIyNM2gGOIqUg1CZy8rebG-hHV0JlmCPGRUwzAnn4LKEleyaYs8ufl5ISSwrrum57_JYFoXEY_o4htn1wpcsFTQooUhYAihS0ToZpkuK8bEGGuQKYF8Zppf9bKVMiChiRwApmnb_JeCsRpHvTYhdz_oPeH1bjFYWnTTWzQHwp35yEuPNz8gFbFChgmYGDj738JJozUgvLL6Biinj4HYAGC90J1q_O7OA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B877 6 KB
3 KB 52ms
52ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Tue, 04 Jul 2023 02:21:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 015D 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Tue, 04 Jul 2023 02:21:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 54F2 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:05 GMT
expires: Tue, 04 Jul 2023 02:21:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/ Frame E305 87 KB
27 KB 41ms
41ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5da6dddf993973d461962f09ed2fcdbb6c1d811cca3a584c081d71defba2dfbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 412664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27865
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 07:43:22 GMT
expires: Thu, 29 Jun 2023 07:43:22 GMT
last-modified: Thu, 10 Dec 2020 08:33:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B877 0
0 80ms
80ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYpDjkU7CYqL6OMXtgQeHx6eoCa60y8Vg_cHc_-QM_JjdhvgeEAEg_f-FI2C7BqAB3o6KhQPIAQmpAup6QJmSTLQ-4AIAqAMByANIqgTdAU_QhTPFxYidWm62ZpVP9rQvcawbQsfrehBdSyxxRPXgKHm0c_vUamy7hRGVnjo_NNLv5gBnzuj-MnjtJbxCABy0fG-AQAe_S88xc7Nn6dKsyL86RskG_9kzR_R9ASZwlGB-cwuKI4d7yDhsptNPi72dsau6bDajuUNgPhmlrT95mxPZcdBK19rytdHLJJWp9L2sRy39YNmZ7lr_P-VOV9I2qbGpWhzWHrTu27E_sjQP8BJaeThL2X6R3gdBnabWtvYHMnR96WONhOdywpS3SzHAU7vm4j4vaWGcMLxUwAS36rCwrQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHivH1eqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIjPCtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=GZ5fezrP9d8&uach_m=[UACH]&template_id=419
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame B877 21 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 00:16:21 GMT

GET
H3 200 bridge3.520.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame CA27 633 KB
204 KB 133ms
40ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.520.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151cd6258615872f6feccae709aa8351ba4df8a8b10033430ff1affba448399d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 518489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209277
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 02:19:37 GMT
expires: Wed, 28 Jun 2023 02:19:37 GMT
last-modified: Tue, 28 Jun 2022 02:15:03 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0E33 44 KB
16 KB 167ms
76ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0E33 107 B
122 B 49ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 015D 21 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 00:16:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 015D 8 KB
716 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 01:08:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 02:21:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 015D 14 KB
3 KB 120ms
39ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.css

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 015D 354 KB
123 KB 241ms
159ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125445
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 015D 17 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 02:06:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 015D 0
0 48ms
46ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT78ygvj9aEWz86f_y1vC1fiwImdjp866w-FEFwj59wSmP9A8oCa1-73w-5me5QO93pm2eEo76vsV4VUc_tnG7AoBM9iA
Requested by: Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 54F2 22 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 12:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jul 2023 12:32:37 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 54F2 26 KB
10 KB 115ms
38ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 8874
age: 16974
x-jsd-version: 1.13.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-lcy19278-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=golBWj%2BsUl%2FDmugyf5yLFrLTepmyJuG6qDZWMZhGa9vKrFw33tEVXy6aEQSaVjJ46uKaHnuR2Fr0tX88TKGGykPx%2B3%2FC6xnJ9aq8WXD7fPjQHFkOfaR%2BFZLD6tJnnWyK66kQd8Yg09HOGmSMYxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 725462b658d18e14-LHR

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54F2 138 KB
42 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 02:21:06 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 64ms
64ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Mon, 04 Jul 2022 02:21:06 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1656901266848/ Frame 0E33 2 B
201 B 64ms
63ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1656901266848/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1656901266928%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fautoplay%3D0%26l%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=i3MVeiQG2fFhFtCtZwu6ERYmkjbJO48YD7yvAQEMvhr.R7gFYQ7btEg9zkZ60wkCK7_cAs3wx90XMbo1075p0Onz8gti/AjfpqxuWnn3DF/&ltime=110&fpdata=-TURNEDOFF
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Sun, 03 Jul 2022 02:21:06 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E305 9 KB
3 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E305 26 KB
10 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:13:42 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E305 60 KB
24 KB 111ms
47ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9398474255730865772/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD0 143 B
163 B 55ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 01:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B877 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 01:59:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B877 138 KB
42 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 02:21:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54F2 0
0 95ms
74ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyu_xcBEnj-UzSOZJCFg_oOk9hd6vhbiQNxMx5aISN1RgIbfiaJ-ryOsDg-VtGFocJz8ACOdlfnYi2W4R5fEAZtveY6FIw6JG9cBc0-hjla-DmJH8wjcYLJ4ooTHydqD1BmUyV8NtS5IW1RUf2HFUh4qw71iCUEKY0v8swkZR19n613a1VVB8HS2zzW3MwxxrYBR5J_AESAp6X28Z5xWloio5glUSO1I3BTgot-JOqIpepMmED6HIvWtMqJwVut9ye3scXwXDbKPzgTOlTo-Mmg6oaQ_McVucPZRanx4ai-7V4RNAwuP2h4qmica0ok4BmeQ&sig=Cg0ArKJSzHHq067fLOSVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

68ms
68ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 02:21:07 GMT
expires: Mon, 04 Jul 2022 02:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 02:21:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B877 17 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 02:06:29 GMT

GET
DATA 200
OK truncated
/ Frame 54F2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80393f33ac80acbeafb4fe2ab75d89a477acf81049fe91f943c81bdf750b9456

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54F2 0
0 151ms
72ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwSK_1KF9yO6eV4NeT6MahbAm2fecZLO-QyDuqURc8dLnEvEwtqx2J3t3H5EYcm_oE6PWkwKZkrF234_nBKPDeh-wfgVxEMqIe6oa8AT19DAerW2kZ-2Lykn62ePYMoFytc_gzZ56yKjAJn_1E-atTuhg2z2lBdEyCn0cVSXaa76_qMUa1BTnsg-7KBvQdfbie7szm_CYiyKHsh1lXBdWXVI0Yx8xYCfHNfTt1dOlwuKbzpi77SvJ8kfO1GxCs0_fCjRn6vCbXPDrVH0q5bu_3jRqATZtks_7rnPqG6OZcPPqnL6cxgotOXq5SYjh6wRauI1HO&sig=Cg0ArKJSzH_5kwSpSmj_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 02:21:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 04 Jul 2022 02:21:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B877 0
0 48ms
47ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYTNq61_HjWbFMl2P9kysqjAE0ig9ZJHjTg3_zYLHQvcYhI80ddmoKNXPorin6Do3YXJXwo-B00TP8eYbQRoanW5iUMg
Requested by: Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame E305 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 07:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 07:04:31 GMT

GET
DATA 200
OK truncated
/ Frame B877 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f3ab6460bd7cf844b4bd7591402547978fd9095bda1bedd5bb20ed9ee9a11d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 015D 0
327 B 413ms
38ms Ping
image/gif 142.250.201.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l5648fyt&c=4628096955848&slotId=2314048477924&qqid=COGGiZuW3vgCFcV24Aodh-MJlQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.201.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s23-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 015D 9 KB
9 KB 142ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 539484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 20:29:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 015D 15 KB
15 KB 128ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 573200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 015D 0
20 B 83ms
83ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CUhlZkU7CYqH6OMXtgQeHx6eoCbP_vNFqkZqV-ZoQ8C4QASD9_4UjYLsGyAEFqQLqekCZkky0PqgDAcgDmwSqBNkBT9B7MJiNpGmJYY76hGOz3mEr465qB8o5riJwtXZGhCMEqLsk8hi5Hfm-WwlmdM_whzzTGOwC9-2CmPLj3z5S1Adi0hmRYgW1ZLxHKKn5VE9LgMFPEEyuzTlVUpKoP_hWYLbfVPvs_555iR3RWkbU7mTUH75ZWsVflYpOA6kILRtQa2FKyUrHnz1AqMsk9wAYZu-QSvdpLpw2d3c5hZJx3P5IVDjGmPwU2uinM9fzs9_U854isZ0CoRgU0jnmNkkUTJsSLzFP5sL1AGt2rKhmEUtTil1elhwHLsAElq3HhfwD4AQDkAYBoAZ5gAeDtJltqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB4AsBgAwBsBOwnLAP0BMA2BMDiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1656901267170&ai=CUhlZkU7CYqH6OMXtgQeHx6eoCbP_vNFqkZqV-ZoQ8C4QASD9_4UjYLsGyAEFqQLqekCZkky0PqgDAcgDmwSqBNkBT9B7MJiNpGmJYY76hGOz3mEr465qB8o5riJwtXZGhCMEqLsk8hi5Hfm-WwlmdM_whzzTGOwC9-2CmPLj3z5S1Adi0hmRYgW1ZLxHKKn5VE9LgMFPEEyuzTlVUpKoP_hWYLbfVPvs_555iR3RWkbU7mTUH75ZWsVflYpOA6kILRtQa2FKyUrHnz1AqMsk9wAYZu-QSvdpLpw2d3c5hZJx3P5IVDjGmPwU2uinM9fzs9_U854isZ0CoRgU0jnmNkkUTJsSLzFP5sL1AGt2rKhmEUtTil1elhwHLsAElq3HhfwD4AQDkAYBoAZ5gAeDtJltqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB4AsBgAwBsBOwnLAP0BMA2BMDiBQE2BQB0BUB-BYBgBcB

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 015D 22 KB
14 KB 158ms
58ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DpTkGI102W5Sw44c0RFuuh7-yfWfIGTseDUgPLw2hxzyU8NXx7xMp3YsopKeAalCS9b6XdqwYPrKxzcl7CxaAAye78Jw&cry=1&dbm_d=AKAmf-A_PXgROjUpcn2O28ByKQU_Vllk_CYwKAYkDnQrktB-Mq1VWIGN_XgW4HJ87HLI5Q6NVEBzCn2rWEHvuDzD1EyTiat5RKPSdKnxTRXgJffPAS5jpLgtQ2qJuvnaRXQTul-MlBT_NsWpRAngpZq45uNVB4ntNQdjTG7OJwBaxOV_xrXeF61ouv6tvLgnBXNj_FyFy0oAS-6hzdloCCIdLRDi--IYIlP9M5j6Smo0gPRmRPNNApVQsOJsXpq1T9yYqHHBrbODvhoXXqxZMxUpkfWPKZl87fPm2OEPXTmdtKBUqHD3j9f9ZwsLveJSjIkJhW0mbnVXR5lIyfcBO-LUt67mCPiZwLkGopBtV-vGKBiMdcnqssjsm2g11JwCaM8hC0Kw6MkbGpimucG6ZgnsY8KHdJ_UZyBRcADeRyjZaNddGYJ8DpA_rZ2O2mmNu40SHiobl2jWSmwb2XJLEYx_mCKLluXpTed95tYo4ANnfmIi7-B8qEI5ynrtWyNuuzUATq7dBCa008_C_a5UWXulDcBcnUWpKEP0I4IpLwmaXWFRYtU7_aT6G7sLiKjax6HlTdE0m5C3mbcyaJ9_bOO33Di-T66KP3EKX4BXQKRFwcc2UPPKILSnSixRqamXd0aFlvnzf-TszDzhQg5x_i9pcYeRP6TftDQ3IxGiMo1p4SusNtJco4CeEqWAmSeUmPuihw8h4IpE5Y31EkN1EtnpsNHMMn61464MKNMm1z9CMozbudeGIFCxM95ea8Wb_2-8-sTabCH3c_1H-POd3o-o2LmTTpPHmehkNeq98DcqsZwfEpYa6nxBV0jttLVxnwnfd4njRzvtNq1ZMVqs_i_1foxFDwKmiuvUq0aay3ahwLNuXzmEbF2tF_egIbIM_PsoWoqjU3tBN0g-5g3TJWY62FlZPJ-WdKnAImeMovfU_QQFRsRnewvfRnGz8rK1x2GOLL9dZ8iTKqOqRRWyClUsTGdnzkzP_orvgiKv7X2_WqbbTtTZNWfb-xpKb0eOY-niRG8V1B8kb61cfHP2dt1sFz_0iOkm3Leb3QxUgobXFN4okkv70nxsjRkZjtbr02yaG9YHA6TFIBwCk8j-WMBcJo7cPODO3d_RYYVbf0AzHAQ7TYKZeX-ULVvVk-2R-Cefx0-9GzcmPhzW5qzkIccTsA5LaHzHSudH8tbLeJjA8FeWttzo3q0i4xT30GujXiG3oXC3LZnHIiKsNMQ7rQZYqwb2D1oZJj8KBhNvv6HcanMA670TxrOrscLJO-SL4ujq3MYQ2vBxBnPSZuC6Pc0ch3VmMk6CeqTunQbZ2UiiyZfIJZdklOJrcyUoQJhZWuC0XkLgcSrJ-LPuP6RyoX-jLimLOsWTiNgL3o4qG5KtUpG2uAlvF_AGuxFfPEXj7dnk0P4hraegiuzOBc-61emypS6x6u1j7tRoT9yw_hoFXKAbZKlCAGPHgSEtd9iA9eVeNtuaA2sSuHch62NW3KsfnnsgsWCu4kf7_IzFFaKjc7E80ZA05M7WCBJ-9mZyK77EOltB3McNTGtVFyi1IRkFge4kTfZmbGzoVcvA7WE-W3Ic4D9AVs4FZAKw70kFXLYwtpFsdnSTeV1dz3FmX3UoZACmuC2U5ODXwrGUwnCrw1raMKV6D9CY1ucJqdcSX_Zh7Awm1ebfkpaR-U3KM9hytV26xa9DlU35xIzHk86agnlUn2PVrkTWcM2Ho66Fs7TO4H_QQwNosByZRSIKogNhtCUFzs4fU30uaPK18o-JtaEy6Mw2Jzm9caXMWz1D7wnxZT4hN1WDWgQibbaYfOd6Vk9oDYb3xJmyefYvi86kzSahUma_7pSV50gcL44JYjox0Q6uPGz7dlwCLS-noV-Xlht5xbO_N0D7eeKx9Z3w40u1bjOBqag4s1mlxa39xgfgPhcNi7Ke1HzcRDjHRuQvq4s51n43P4dMAyLaSGgOOMyo7gZXQHdf1iSxYsnGdYQKxvKsTwqO1j_PYLUJjI8t3oKPvDv0nGKXWg-cpxxMqWOb_eTjrsrWgIuSKYU0OQ34pt6h7-W3X9PwjJyHOK8-B4F3g_1OCmj3IolZbHXt19Dk_NoV7WPcBTe95YbfQUqEnmRUl4zOABoP1AJuyar9zF8XFsRt67kjSHVL0oTMFRyHmgAOFMyUAJRRPNNzfCWD5knWJIqFSth6nREpJwkmiLXux5KM7noD0eMAB3nKw4f0WBRO4w_kNhGxFhuBippG6e-AWZJ1DKLg7NQOAb5hUeEOjTAeEoZg21u2k9UhOWFflOgapJaDgC8t1G0cXif2d524wdN0X5ZdlCKrd9ZOIYizxJsWiQVEPkx-eqUbzNR52LraNO1dtaa5ryNygdFqbKACzmo4vKrkls7JqRCNs5CBHtGkVYqNYIi7flYYQvhIrWXZXTveRsiMQskesJegy74-Q-ALIQE_qQtR0szHO1088_UryC_mSEYONPoVWPxq5d_YHb8a0hq24d9YwZ3BaSn2pcPIrf_Hhk8dSjUboP_USKYIo-8emC3U6LjH-NtV501M_Ztali_Wpu-BFUSzfY7uSTLxWCkUZyrJmXIOSndYKtZ77lF78_tQFEm3gjeggzubnloZIuXfv4U6nj8bViYY7xMKegokpgevjwShWuV_xkrBlID5AqkgMm1soJwrEu3cu4vx-UAcH3bUQRdVIhBNJm5E_FccJ6BktVt_Lw0LMHxSuh_fmxuzX8WVszsjG0yrm7B6qNXWXmTPcAxci8M801AesFX_7UgN4w4crX-vuzRhcm3iDfIDlWEr-p6b21dNzmd4rK2Qo1UI_6LMovirbm-ORgvOE-ksFHW4rYlpChVVpaUpFKw7qdRkiiMpKNjeSss3Ba2rBRRnRnb8Q4uiJPyUrykoXd38Ka7LDbp8yxVQ7h04KdPzg47JgG0oJeGGtD5szRqGGeOmE0P0UY_fhMtbfj7zn8zqMP81OUJDMEIgSDRDDjJYYpKb6C0T5w2y2CZZMm4XORJfiue71dse5pns0DR45bmad6Axo5XJzRSPISLujHUs7Jr-zqzqOpsJ8lpovRPfc--htE5oiYq6MaPWnc2xaBB29yEy0OqrrCs4GfvOIbWlLuRnepglXC7lmwYhANJZ3tdto-r2jfpoPy___NvEgQ2U3fgqRtWrhhpCEVzmzgdjg8RKPtt82q2vwz9xF9rbJklHGFS3xE5r0fc4akAyVdAkQbkogCK6d9LLfurSZE08FTu_4q6261oJg57veD8EqJ0J4hzV0B2hfx9cl69RTAobdPO9buzK6R0l9juInvZXsTdOBMTVDxyq08ghPYAINaqFXenJVt1fgT2hMR4GeRFaUkRcZKMSz9WsR2MtE9r343NK2e4SLx8EM3P6Lxw3SSvyFk_emGlZDNzkEthDIPCw1VUDg-FSW_Hwu1Xb9NJxnwYyIFCU-YQuifd6gc-FjFFjxt4mp8MBypkEP2CdUgWFKSEPXPoEDM7eKHDCRDlos72z6Eg-1r_VyI2XVpYcJOcldDWVHKl-AdXosXVX4icOV0R5avG_YnieBQ&cid=CAASJeRoa2om-m3upQMZ5gt5AwKYfJ3bMXbx4aCBVuntC6QPWi3tS3Q&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

1ffabd3c51a646b79107862e39aa8446e0f6f87d822e87e21c23bf3bd47411e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14229
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 015D 0
0 95ms
95ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPMPUkU7CYqH6OMXtgQeHx6eoCbP_vNFqkZqV-ZoQ8C4QASD9_4UjYLsGyAEFqQLqekCZkky0PqgDAaoE1gFP0HswmI2kaYlhjvqEY7PeYSvjrmoHyjmuInC1dkaEIwSouyTyGLkd-b5bCWZ0z_CHPNMY7AL37YKY8uPfPlLUB2LSGZFiBbVkvEcoqflUT0uAwU8QTK7NOVVSkqg_-FZgtt9U--z_nnmJHdFaRtTuZNQfvllaxV-Vik4DqQgtG1BrYUrJSsefPUCoyyT3ABhm75BK92kunDZ3dzndk7s5bYoCqgIUcUt3Zb3JcP5EeLV_AF89Kyy8EqjYEP61oqtBbJehJmH-LWKGFvoQOnE9U5UzyAE7wASWrceF_APgBAOIBc79r45BkgUGCAMQAxgBkgUGCBsQAxgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAeDtJltqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQwcJGGIebjs0B0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGwE7CcsA_IE46_meAD0BMA2BMDiBQE2BQB0BUBgBcBshceChwIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=GqTMEq_NF9I&uach_m=[UACH]&cid=CAQSPACNIrLM1BNdFly-yVu8mQHGxwOt28-UbEl2-hCqFMhEQU78I5T-rs7gxbgHiHb409JYiMjigN4cyipnJQ&vt=10
Requested by: Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95F1 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 46495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 04 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 015D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24128f77cf43c4cf1d19a29f2edff7ff69d990d2b8b286526eb696713f5042cc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame CA27 750 B
1 KB 84ms
83ms XHR
application/xml 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 8feec4048c408cc892379926dc703cd302a0a79634d5bfb7e40a961a6c50c836

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 02:21:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95F1
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB9uOJilA6TyUCx5P0WdlEI&google_cver=1&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa2nwMzrYzvT182f3om&google_hm=qBvuCUpUTyW5clHnF3nR9Gw

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa2nwMzrYzvT182f3om&google_hm=qBvuCUpUTyW5clHnF3nR9Gw

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GAZxdQBET2aLcwWY9N3WLyU9vuZq-7TL1lSw279dNBVrWpQgrRE9UdFdPI7JedSJ2MXQedAjNoDcNa2nwMzrYzvT182f3om&google_hm=qBvuCUpUTyW5clHnF3nR9Gw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 95F1 0
12 B 48ms
47ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IX6p6feoVGvaUV5C_kYIUsptIGIKKd

Requested by

Host: 45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 107ms
35ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Jul 2022 02:21:07 GMT

GET r1.62a26dc282e3e1.36686457;cb=1656901265933153
rtr.innovid.com/ Frame 015D 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 963C 15 KB
6 KB 105ms
36ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 02:21:07 GMT
server-processing-duration-in-ticks: 2034
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 102ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 02:21:07 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Jul 2022 02:21:07 GMT

GET
H2 200 r1.62a26dc282e3e1.36686457;cb=1656901265933153 Show response
rtr.innovid.com/ Frame 015D 9 KB
9 KB 83ms
29ms XHR
text/xml 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtr.innovid.com/r1.62a26dc282e3e1.36686457;cb=1656901265933153?ivc_adstxt_domain=google.com&ivc_adstxt_publisher=pub-9138247653754533&ivc_appid=&ivc_campaignid=17478450894&ivc_creativeid=430148999&ivc_orderid=28362746&ivc_dealid=&ivc_publisherid=1&ivc_site=15111889383&ivc_dsp=dv360&ivc_dbmtoken=AD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cebc9fa1ad16eea9b59549b0a11266123a182f797ed6535a1b1ae51406879d60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
cache-control: no-cache
content-type: text/xml
content-length: 8881
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 963C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RRBr7Xx3NFdoVlJPbEdPQ0xXaDVKcXhjZmpZdjYvOE5OUjE3OFN3NnJXWVpaOUFPRWZyWjB2VlFURVJsYVVleEVOR09JTEZsY01vS1ZWeVVnczB4bHNJMUh0MGYzeWVVL0NzWUUrdTVHZWM5T1gxT2NJK3ViV0dhUG1yVk...

427 B
629 B

121ms
38ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RRBr7Xx3NFdoVlJPbEdPQ0xXaDVKcXhjZmpZdjYvOE5OUjE3OFN3NnJXWVpaOUFPRWZyWjB2VlFURVJsYVVleEVOR09JTEZsY01vS1ZWeVVnczB4bHNJMUh0MGYzeWVVL0NzWUUrdTVHZWM5T1gxT2NJK3ViV0dhUG1yVkxzL04zcnlrV3AzT3Fuam12QS83NkhrOWxNRDI0SXpORkJiRUF2eDNHNm5uSUk2MU40Q1ZuR01OejhXeHBZaUZxNEdROHF6SWZQS3RHR2JaR296ZnhXVUJWYlI3Z0FKYWJrajRXWGFJSFF4eTdTaHlMWUdHNG52M3EzYURCNUppZWZJYUNWL2JoSXVOY1dTU3NUcVVLOTBDTVBqYkxlZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

45a65ca6f7c6c876d56db7c35a6807da330e622201ec16e1a7dff27fe10fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:06 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4908
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=RRBr7Xx3NFdoVlJPbEdPQ0xXaDVKcXhjZmpZdjYvOE5OUjE3OFN3NnJXWVpaOUFPRWZyWjB2VlFURVJsYVVleEVOR09JTEZsY01vS1ZWeVVnczB4bHNJMUh0MGYzeWVVL0NzWUUrdTVHZWM5T1gxT2NJK3ViV0dhUG1yVkxzL04zcnlrV3AzT3Fuam12QS83NkhrOWxNRDI0SXpORkJiRUF2eDNHNm5uSUk2MU40Q1ZuR01OejhXeHBZaUZxNEdROHF6SWZQS3RHR2JaR296ZnhXVUJWYlI3Z0FKYWJrajRXWGFJSFF4eTdTaHlMWUdHNG52M3EzYURCNUppZWZJYUNWL2JoSXVOY1dTU3NUcVVLOTBDTVBqYkxlZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1473
content-length: 541
expires: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 015D 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 11:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:26:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 015D 0
54 B 340ms
38ms Ping
image/gif 142.250.201.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l5648fz7&c=4628096955848&slotId=2314048477924&qqid=COGGiZuW3vgCFcV24Aodh-MJlQ&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=3&vhc=0&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&met.4=videopreviewvisible.1dq
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.201.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s23-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content v_10000.kbps800.mp4
s-video.innovid.com/DCO/915882/1655218801120/media/ Frame 015D 34 KB
0 152ms
40ms Media
video/mp4 23.35.236.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1655218801120/media/v_10000.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: QF9ihP.TJ6rqNm5W_Kz5N8SUEHQa4TLn
Last-Modified: Tue, 14 Jun 2022 15:16:52 GMT
Server: AmazonS3
x-amz-request-id: 1FAZ8724KPZ5KP4S
ETag: "67c89a68ab3cb3b4778e5edb44f84223"
Content-Type: video/mp4
Content-Range: bytes 0-869380/869381
Date: Mon, 04 Jul 2022 02:21:07 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 869381
x-amz-id-2: Ak17aIlr2wsX4Ao0PI4ReOc2ZqQUI6JD85yNOEi8lA6sCLVNbyi6rtGTJy4/elHtDSRVscDUPnU=

POST
H2 204 csi
csi.gstatic.com/ Frame 015D 0
54 B 339ms
38ms Ping
image/gif 142.250.201.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l5648gc0&c=4628096955848&slotId=2314048477924&qqid=COGGiZuW3vgCFcV24Aodh-MJlQ&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Frtr.innovid.com%252Fr1.62a26dc282e3e1.36686457%253Bcb%253D1656901265933153%253Fivc_adstxt_domain%253Dgoogle.com%2526ivc_adstxt_publisher%253Dpub-9138247653754533%2526ivc_appid%253D%2526ivc_campaignid%253D17478450894%2526ivc_creativeid%253D430148999%2526ivc_orderid%253D28362746%2526ivc_dealid%253D%2526ivc_publisherid%253D1%2526ivc_site%253D15111889383%2526ivc_dsp%253Ddv360%2526ivc_dbmtoken%253DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.201.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s23-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame EBB4 23 KB
9 KB 39ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 483184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 12:08:03 GMT
expires: Wed, 28 Jun 2023 12:08:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame EBB4 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 07:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 07:04:31 GMT

GET
H/1.1 206
Partial Content v_10000.kbps800.mp4
s-video.innovid.com/DCO/915882/1655218801120/media/ Frame 015D 17 KB
18 KB 115ms
38ms Media
video/mp4 23.35.236.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1655218801120/media/v_10000.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5d119e479a9613ec2d6af7619852368634db0662111058f425985d93dd0278b0

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=851968-

Response headers

x-amz-version-id: QF9ihP.TJ6rqNm5W_Kz5N8SUEHQa4TLn
Last-Modified: Tue, 14 Jun 2022 15:16:52 GMT
Server: AmazonS3
x-amz-request-id: 1FAZ8724KPZ5KP4S
ETag: "67c89a68ab3cb3b4778e5edb44f84223"
Content-Type: video/mp4
Content-Range: bytes 851968-869380/869381
Date: Mon, 04 Jul 2022 02:21:07 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17413
x-amz-id-2: Ak17aIlr2wsX4Ao0PI4ReOc2ZqQUI6JD85yNOEi8lA6sCLVNbyi6rtGTJy4/elHtDSRVscDUPnU=

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBB4 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-C0Uk07CYsH5EsyRmLAPoNaE4AgAAAAAOAHgBAI&bg=!wcKlwobNAAaLlKKnq5Q7ACkAdvg8WjmpnaOF8OfM2KNrvcsxthzLgtZOenjwRiXSzhPIzkfOS_wtNAIAAABWUgAAAAJoAQeZAtGugERnacE1RTmno8zywUsngwXYJ4i4HsK-TyKN0fXm8A5hJR2k2nGRPY__BzVSCjjJcsuFk3SdjJFXG1SJeYGu8hNDN_JvMVxpLB6NPr306AQrNZVEfnvarJTRzHZDknxx8aVP2IV0G1sLeYd2OGetlHKz5h3bqVba3H1DMf4ngCX9MyySuWkOY0vpTvr8L8NxqGOju9KguJQFX2uWy1Ht_02gD9LSKweJRq3Y19VNdx5aeXDlZZwwhM3us8xHS38SK_lSMJ9992I2KwDwBzS6w9v6R5N_Htlv29x4ssR1SzwSfzV8cpPaHDKyfrL438p1abnenKEDGx-_Q5xokk-G9k9geur8r_TErtz1yYgQx5QHTZn26_6Mb4hNpZOu8qYaQVgUMcCUhUA72lQ3GU1TOPmxtWvUjA0CCq4VIQsel0B7_YT7YRViMfXNdDNEoy_Nl_5Ka6TBV-dzCC29MqDicvlhN2PeND96Q4Mc661n1_8QyEal1lc_u5Sx5561wftFkrITougZ2_7i_hxOHX3mlbBceNzSQx-dWsb5c_Tv14pMCpqdgTvsKqyEXEyXl0tnPkHV6EOykcxbIFgD07xMbCwiJM5CGbZ_tEoR85G50uWj09-N6nB1ZnWlZYnFf8E-3gMYk1YO0y5Stjq84YtF80v8zW8j71GHKMx_lwFT9AyOXuaihZHlWyq-K6bDwVevpPEeCoeRXouLiRChYHNmc3abR3gCioKGW82dGd2XmDde58601tQlB6J_T06BW8OhayKIzNEGwMYeMTFrw_3nCwmpcziq7O_OXFwJ5kbGlYumuD0wDphhhQfyzews_dLI4LupoyYGvmoUkHrV5o8L7jSiNpKMcwrW7c2gVT4aE8Q_Mr2J_6rw3qR3gijFk9MQX_ayOE4pVhOP5dMO_ITvTY6uxAuMrYqYuW-3M48zaWq4dUhBHwN9sBzYkpOvGDYz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content v_10000.kbps800.mp4
s-video.innovid.com/DCO/915882/1655218801120/media/ Frame 015D 809 KB
0 50ms
50ms Media
video/mp4 23.35.236.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1655218801120/media/v_10000.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=32768-

Response headers

x-amz-version-id: QF9ihP.TJ6rqNm5W_Kz5N8SUEHQa4TLn
Last-Modified: Tue, 14 Jun 2022 15:16:52 GMT
Server: AmazonS3
x-amz-request-id: 1FAZ8724KPZ5KP4S
ETag: "67c89a68ab3cb3b4778e5edb44f84223"
Content-Type: video/mp4
Content-Range: bytes 32768-869380/869381
Date: Mon, 04 Jul 2022 02:21:07 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 836613
x-amz-id-2: Ak17aIlr2wsX4Ao0PI4ReOc2ZqQUI6JD85yNOEi8lA6sCLVNbyi6rtGTJy4/elHtDSRVscDUPnU=

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 26ms
25ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Mon, 04 Jul 2022 02:21:07 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 015D
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audien...
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audie...

43 B
296 B

142ms
29ms

Image
image/gif

2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=play&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224
Protocol: H2
Server: 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=play&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 015D 42 B
494 B 177ms
81ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1656901268085;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 015D 42 B
64 B 55ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUhlZkU7CYqH6OMXtgQeHx6eoCbP_vNFqkZqV-ZoQ8C4QASD9_4UjYLsGyAEFqQLqekCZkky0PqgDAcgDmwSqBNkBT9B7MJiNpGmJYY76hGOz3mEr465qB8o5riJwtXZGhCMEqLsk8hi5Hfm-WwlmdM_whzzTGOwC9-2CmPLj3z5S1Adi0hmRYgW1ZLxHKKn5VE9LgMFPEEyuzTlVUpKoP_hWYLbfVPvs_555iR3RWkbU7mTUH75ZWsVflYpOA6kILRtQa2FKyUrHnz1AqMsk9wAYZu-QSvdpLpw2d3c5hZJx3P5IVDjGmPwU2uinM9fzs9_U854isZ0CoRgU0jnmNkkUTJsSLzFP5sL1AGt2rKhmEUtTil1elhwHLsAElq3HhfwD4AQDkAYBoAZ5gAeDtJltqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB4AsBgAwBsBOwnLAP0BMA2BMDiBQE2BQB0BUB-BYBgBcB&sigh=dUxuMZt4DQI&label=part2viewed&ad_mt=6&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1656901268085

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 015D
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audien...
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audie...

43 B
295 B

143ms
30ms

Image
image/gif

2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=init&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224
Protocol: H2
Server: 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1656901267583&placement_hash=16dgfe&audience_id=30386533&action=init&version_id=10000&session_id=3546f6807bb7522cf54e8ac26efa4b5399f522da&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17478450894%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA%26audience_id%3D30386533%26version_id%3D10000%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3D%26iv_geo_state%3D%26iv_geo_zip%3D%26iv_geo_lat%3D51.4964%26iv_geo_lon%3D-0.1224
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 uuid
rtr.innovid.com/placement/16dgfe/ Frame 015D 0
214 B 32ms
29ms Image
text/plain 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtr.innovid.com/placement/16dgfe/uuid?cb=c5137464-31bd-b7bf-4afc-3bfc4baebdea
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 015D 0
397 B 103ms
87ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYDYcJHXSNCuC4B5IV_SZljMr6CV905MfRvXfxqAP0bqkrKh-PRd71gqllBOjKl4nPxvyjQzWT4mAfq5ZeEboHbbVlYZBYG0qWFi5ETEo2PmmabhLK1l6p8XrgcA9ath4HCLbHVPOefq72TpGgk7Oxq0SnIcQgYc50lqEf_6ArNGZ_6z90QAhGL-aThh3oh6DvlN2fT0i3SPKNyqlHZcrucOwT_QKOImPfxX_FRU3ZShbX9se-r42Uq_KsWHqB6V0E3D0EQIeYAtKZGq-4HLZIfAto6X1iq56McNT-3GOqakLGaYUTD0GJCO0YuSO8dbbTE_UQL9zn8jzQYH3JVzVda1eVmCmtvT3V_JBKBkROPelZpuzDbi5gSYSyh92D2n_CZyrjcXv2DZnOyVyQjx_AQaFk_EscAV6E8iSBQHGD-L-BvLjVDWtCTD6_PgpAS0iXnaHiibDFPClwvX9wP5ZK48r76f0-vRM4CAu4mwU5Mj-nFUePbks6NpZazd7yPa5s9uGQ3h5hMrvlSag62PXttv8SzWLRWhBPcmbE6bhIgTA4X6da4xO251BHgvcpCp-RROZbdyRuLEqPT0IYPkEpjOe9Dyhr_78sEsAMN7kZ0j40HVeNV-fsIO6jwSKUYlDvvp26rWx6vJIvTksPmSVThONevrUiqlyv-kl5J-CQOzLnA-oBzq14kaX2K2R71DBikejaIDId9ZGQFDLKj-8vtxcDWlsqMrXOYk6Mx26LEHK6bYMtUkCoG8HXYcGoR-gXHFHemU0oUmImpeWZ0yXydkqs-jehRn44IBoLLG8qqPIruyj40gR0edQ0NFcs3aNGGcx33PjyVIFZDF1aBiOd56nfLjbu6dZwwHi4qr-rkKs7aZpyuOoOXYyYZbaUgKyN_MaivKBDQgPRbyAYKAbp-_US96jAJHbgtaCCgtsq8C_D-MSJ6j4x7KOPu9BrgTK5V0nAX6_vF31nbdpyS5DKq-WXyLKl7uI3cKy4W8LdgmFQea9NIm2vjUCYue5Sw-6iLazQY7qM0z0ARWmVy53PB_VEwcReFxcLTbHat_baBgS1VX_SbP7ieB7Jvf0rSJbHNy31GP2IepBW7W-ye6oFUcyqg8aExPWzFQg&sai=AMfl-YRZ9ue2aY78NGgA76UVKJkx5bFx3LPqdcP7-_FBhrKuKOoq0IJxdnCP0YNYL1IGGUYNmYH3yaDawF8ypoxaydI18bhTuKLWf3EW5mV8sj4ifOPvsmDj5ba9ity1V1Uxoz1qE6jzP8b221XVB409lrGigVGKO9QcseVFStS-L9gPR4DWeCD4FJsCjf8dETnQn4YBLNtq-kC_VCNUZwSg7RtG&sig=Cg0ArKJSzF1RihHhVbZmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 04 Jul 2022 02:21:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 015D 0
0 52ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sbhDtzXIYh5uOzQEgATAB&v=APEucNUGi-sPzAhFJDPDvflcAs8sO7DUNO2RpTCTGObQZTK8k_eaq0GYYOUrM-mRtTDBeP5hyqo4hZisXl1F0DNIVbVVc6RIpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 015D 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 015D 42 B
107 B 176ms
81ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1656901268085;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 015D 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY1EC7D0ApUD8J6W6kyi1hZJYwZLLlcV6F7cwF2KgApu_51JoY6rAPZQxP_G3oekrFzP07VTtekeQXUdpNZbxW-9Rc8VF-g9c8ADl5_wGg83Q3_FiAAt7HQWi3&sai=AMfl-YRb7FcISq3_KiLScL0iJISrquc7UGaeBbN869UxteC-QS1o_EMXfhe65foSXgdr3IRVIwaeEz7gmqbghE7xhBIfpLm_Lv-kAZ9IcQ2g8cZKeG5XSeCMYEiftwGb&sig=Cg0ArKJSzGv3DcdprmW8EAE&cid=CAASJeRoa2om-m3upQMZ5gt5AwKYfJ3bMXbx4aCBVuntC6QPWi3tS3Q&id=lidarv&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1656901268085&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 015D 42 B
64 B 53ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUhlZkU7CYqH6OMXtgQeHx6eoCbP_vNFqkZqV-ZoQ8C4QASD9_4UjYLsGyAEFqQLqekCZkky0PqgDAcgDmwSqBNkBT9B7MJiNpGmJYY76hGOz3mEr465qB8o5riJwtXZGhCMEqLsk8hi5Hfm-WwlmdM_whzzTGOwC9-2CmPLj3z5S1Adi0hmRYgW1ZLxHKKn5VE9LgMFPEEyuzTlVUpKoP_hWYLbfVPvs_555iR3RWkbU7mTUH75ZWsVflYpOA6kILRtQa2FKyUrHnz1AqMsk9wAYZu-QSvdpLpw2d3c5hZJx3P5IVDjGmPwU2uinM9fzs9_U854isZ0CoRgU0jnmNkkUTJsSLzFP5sL1AGt2rKhmEUtTil1elhwHLsAElq3HhfwD4AQDkAYBoAZ5gAeDtJltqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB4AsBgAwBsBOwnLAP0BMA2BMDiBQE2BQB0BUB-BYBgBcB&sigh=dUxuMZt4DQI&label=vast_creativeview&ad_mt=6&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1656901268085

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 015D 0
17 B 716ms
493ms Ping
image/gif 2404:6800:4002:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l5648gc1&c=4628096955848&slotId=2314048477924&qqid=COGGiZuW3vgCFcV24Aodh-MJlQ&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&dm=13000&event_name=first_play&asset_bytes=187952&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=2&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1qn~videopreviewstarted.1qp
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4002:80e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 / Show response
graph.facebook.com/v2.2/ 202 B
603 B 166ms
61ms XHR
application/json 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c71e95bdbd1530a38828dda20abf1e853b9a07b4cd6132842b6a200e052f446d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005785665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: zPgrYOzF5mlexrljnw93fHPpaq5TeCGeFRYEbTMe6tAr5UIDfFLwfrzTvSW/weCGxzkZpQSoiNoMD/z0F/If6Q==
x-fb-trace-id: H8mHoEqCJpR
date: Mon, 04 Jul 2022 02:21:08 GMT
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AnL-qAYm4ex_ENIllK17UzD
cache-control: no-store
facebook-api-version: v7.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 102ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1plus1.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Jul 2022 02:21:08 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 2652
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=YZwOh3xUZHdZSDJ4Nk01c3Bmbm1ZZlBzclo3cHlmWHNtNFNCZW4xcS93RzZhYzU5ZDh0OXZnVkM5YkhCSmlBZHJYN0FCd3ZhQW8zclpYemFObnR6dXVYZmU0b1VQaHMvRGtXbGtLbUVHZy9zVXljUC91enVWdDI5MHNJeF...

409 B
661 B

37ms
37ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YZwOh3xUZHdZSDJ4Nk01c3Bmbm1ZZlBzclo3cHlmWHNtNFNCZW4xcS93RzZhYzU5ZDh0OXZnVkM5YkhCSmlBZHJYN0FCd3ZhQW8zclpYemFObnR6dXVYZmU0b1VQaHMvRGtXbGtLbUVHZy9zVXljUC91enVWdDI5MHNJeFc4VU1uL2ozMHhiR1Z1NEE0cnhLRWN3MEwwSnlQMnU3VlJ4aloyZEY4TjM2U1dLZkVoY21LODd6YVpWdWw4dFpqVWQrbDMzQUJJM0dBcmJPY1g5RXdRS1Z4V3BRWDNMTVAwTDg3V0lPSHVCMlo2bG9UZlhzZDVyVHZ6d05NOXMwVVl5WlVyNjUyVHlwdHcvSjQ5Znh4VjlxNWNpMzRiQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f2ff4f71b1dbaf67d8a0446572ba0138037482f146c1d3675a6d79d5106f9649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3561
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:08 GMT
location: https://mug.criteo.com/sid?cpp=YZwOh3xUZHdZSDJ4Nk01c3Bmbm1ZZlBzclo3cHlmWHNtNFNCZW4xcS93RzZhYzU5ZDh0OXZnVkM5YkhCSmlBZHJYN0FCd3ZhQW8zclpYemFObnR6dXVYZmU0b1VQaHMvRGtXbGtLbUVHZy9zVXljUC91enVWdDI5MHNJeFc4VU1uL2ozMHhiR1Z1NEE0cnhLRWN3MEwwSnlQMnU3VlJ4aloyZEY4TjM2U1dLZkVoY21LODd6YVpWdWw4dFpqVWQrbDMzQUJJM0dBcmJPY1g5RXdRS1Z4V3BRWDNMTVAwTDg3V0lPSHVCMlo2bG9UZlhzZDVyVHZ6d05NOXMwVVl5WlVyNjUyVHlwdHcvSjQ5Znh4VjlxNWNpMzRiQT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1370
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 454 B
1 KB 125ms
39ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19177/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

19a2a70441fd0a053e8d2aedb2010ae3484a0e551ecb3a10a57580263f461b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Jul 2022 02:21:08 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 103ms
35ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Jul 2022 02:21:08 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1075
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 26ms
26ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460250/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Mon, 04 Jul 2022 02:21:08 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 75ms
74ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 02:21:09 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 72ms
72ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=4692B548981F444F8B0860A7252DC044&time=1656901269922&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=35013718&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=2190&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 02:21:09 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H3 200 dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2029,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 015D 42 B
63 B 161ms
76ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgY_dm5be-AIVzAgGAB0gKwGMEAAYACCk-cZSQhMI4YaJm5be-AIVxXbgCh2H4wmV;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2029,0,0,0,0%26mtos%3D2029,2029,2029,2029,2029%26amtos%3D0,0,0,0,0%26mcvt%3D2029%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2230%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D4%26pst%3D202%26dur%3D13000%26vmtime%3D2240%26dtos%3D2029%26dtoss%3D1%26dvs%3D2029%26dfvs%3D2029%26dvpt%3D2230%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2029;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1656901268085;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 015D 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY1EC7D0ApUD8J6W6kyi1hZJYwZLLlcV6F7cwF2KgApu_51JoY6rAPZQxP_G3oekrFzP07VTtekeQXUdpNZbxW-9Rc8VF-g9c8ADl5_wGg83Q3_FiAAt7HQWi3&sai=AMfl-YRb7FcISq3_KiLScL0iJISrquc7UGaeBbN869UxteC-QS1o_EMXfhe65foSXgdr3IRVIwaeEz7gmqbghE7xhBIfpLm_Lv-kAZ9IcQ2g8cZKeG5XSeCMYEiftwGb&sig=Cg0ArKJSzGv3DcdprmW8EAE&cid=CAASJeRoa2om-m3upQMZ5gt5AwKYfJ3bMXbx4aCBVuntC6QPWi3tS3Q&id=lidarv&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2029,0,0,0,0%26mtos%3D2029,2029,2029,2029,2029%26amtos%3D0,0,0,0,0%26mcvt%3D2029%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2230%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D4%26pst%3D202%26dur%3D13000%26vmtime%3D2240%26dtos%3D2029%26dtoss%3D1%26dvs%3D2029%26dfvs%3D2029%26dvpt%3D2230%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D223845271%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2029&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1656901268085

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 02:21:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Domain: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js

Domain: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/96592/b1ac6f7602909d192d06385c796ae330.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/70406/19a348d8fe46d988addecabea5bddcd4.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/172/200x335.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/229/68f1d6db63b02b275cfc2427fb1527bd.220x330.jpg

Domain: images.1plus1.video
URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg

Domain: rtr.innovid.com
URL: https://rtr.innovid.com/r1.62a26dc282e3e1.36686457;cb=1656901265933153?ivc_adstxt_domain=google.com&ivc_adstxt_publisher=pub-9138247653754533&ivc_appid=&ivc_campaignid=17478450894&ivc_creativeid=430148999&ivc_orderid=28362746&ivc_dealid=&ivc_publisherid=1&ivc_site=15111889383&ivc_dsp=dv360&ivc_dbmtoken=AD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1plus1.video/	1970-01-20 21:46:13	Name: _opov_sid_ Value: tme79nrd9a3266l9oqn24kg4ku
1plus1.ua/	1970-01-21 06:31:49	Name: _opov_hid_l Value: 4d94fa98-5f5f-5492-b614-ff49e570d435
.1plus1.ua/	1970-01-20 21:46:16	Name: _opov_sid_ Value: tme79nrd9a3266l9oqn24kg4ku
1plus1.ua/	1970-01-20 13:40:56	Name: _pk_id.2.1c86 Value: d8cd8622d10c66e9.1656901265.1.1656901265.1656901265.
1plus1.ua/	1970-01-20 04:15:03	Name: _pk_ses.2.1c86 Value: *
1plus1.ua/	1969-12-31 23:59:59	Name: Value: store.test
.1plus1.ua/	1970-01-20 21:46:13	Name: _ga Value: GA1.2.2063326827.1656901265
.1plus1.ua/	1970-01-20 04:16:27	Name: _gid Value: GA1.2.1031868237.1656901265
.1plus1.ua/	1970-01-20 04:15:01	Name: _gat_UA-22507043-9 Value: 1
.1plus1.ua/	1970-01-20 04:15:01	Name: _gat_UA-113262294-1 Value: 1
.1plus1.ua/	1970-01-20 13:43:49	Name: __gfp_64b Value: WLgaFqfIAAuQv3Hgpu91xqUvxwqW5P0_lBpWPdu6k2P.U7\|1656901264
.1plus1.ua/	1970-01-20 13:36:37	Name: __gpi Value: UID=0000082a807b8525:T=1656901264:RT=1656901264:S=ALNI_MZI4BG7zASWJGD0ZiqGA_zI2ww_ig
a4p.adpartner.pro/	1970-01-20 05:41:25	Name: apuid Value: b8b1ed26-78ef-4365-aa13-d23cdc14f7ec
.1plus1.ua/	1970-01-20 13:00:37	Name: _hjSessionUser_1437498 Value: eyJpZCI6IjUwNzRjYzg0LTU5NTItNTZkMS1iNWY5LWUxOTAwNGFhOGRmMyIsImNyZWF0ZWQiOjE2NTY5MDEyNjQ4MjUsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 04:15:03	Name: _hjFirstSeen Value: 1
1plus1.ua/	1970-01-20 04:15:01	Name: _hjIncludedInSessionSample Value: 1
.1plus1.ua/	1970-01-20 04:15:03	Name: _hjSession_1437498 Value: eyJpZCI6IjUxNDExNjMwLTIxOWQtNGJmNy1hZTFjLThiMDJlNGU1ZjczNCIsImNyZWF0ZWQiOjE2NTY5MDEyNjQ4NjEsImluU2FtcGxlIjp0cnVlfQ==
.1plus1.ua/	1970-01-20 04:15:03	Name: _hjAbsoluteSessionInProgress Value: 0
1plus1.ua/	1970-01-20 04:58:13	Name: _pbjs_userid_consent_data Value: 3524755945110770
.1plus1.ua/	1970-01-20 13:00:37	Name: _pubcid Value: 86b27987-dd71-4121-a089-327c9eba49c6
.prebid.a-mo.net/	1970-01-20 13:00:37	Name: __amc Value: 1_1656901265_1656901265
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.admixer.net/	1970-01-20 06:24:37	Name: am-uid Value: 725130c225884185aabd62052c16ab7e
.e-planning.net/	1970-01-22 17:34:13	Name: E Value: AAgimyrfUI45e92P
.adtelligent.com/	1970-01-20 05:44:18	Name: vmuid Value: 5d36643577a3e139
.adtelligent.com/	1970-01-20 05:44:18	Name: a307558 Value: b8b1ed26-78ef-4365-aa13-d23cdc14f7ec
.adnxs.com/	1970-01-20 06:24:37	Name: icu Value: ChgI4axaEAoYASABKAEwkZ2JlgY4AUABSAEQkZ2JlgYYAA..
.adnxs.com/	1970-01-20 06:24:37	Name: uuid2 Value: 3381877682555507841
.ads.adnuntius.delivery/	1970-01-20 04:58:13	Name: usi Value: lws1!adnfp26906fb92473276f
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 884a1ab77dd87c574f24abbcbba897fb
.ads.adnuntius.delivery/	1970-01-20 04:27:37	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:27:37	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:27:37	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:27:37	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:27:37	Name: c Value: 0AAAAAQAA
.doubleclick.net/	1970-01-20 13:36:37	Name: IDE Value: AHWqTUlH6MY5M65WfwRJ6TtxMi6ZIIWmsdm2yd-E0dx9CXAi4WWLniVLA8zOkijTciU
.1plus1.ua/	1970-01-20 13:36:37	Name: __gads Value: ID=e25bbca02a49bcec:T=1656901264:S=ALNI_Ma5RZ1sukxQ_cPbhyxk81vLQ9lJyA
.rubiconproject.com/	1970-01-20 13:00:37	Name: khaos Value: L5648EPK-5-6Q0K
.rubiconproject.com/	1970-01-20 13:00:37	Name: audit Value: 1\|hLZGFuTafB0eM7sbw/itLaJvvWgC/Qcxgndhc+y7+ZAdY+/zvkQ2dAI1BOuyOcrMfr2w3YCIInLgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
1plus1.video/	1970-01-21 06:31:49	Name: _opov_hid_l Value: 21fa32f6-3c03-5fbe-a7c0-ededb5a66cfc
.yahoo.com/	1970-01-20 13:00:58	Name: A3 Value: d=AQABBJJOwmICEARji8Cg7uvV8hZECe5abzgFEgEBAQGgw2LMYgAAAAAA_eMAAA&S=AQAAAt7nawCPGOYHo_IOuNVFV9w
.turn.com/	1970-01-20 08:34:13	Name: uid Value: 7926424074142671099
.mathtag.com/	1970-01-20 13:40:56	Name: uuid Value: 033262c2-4e91-4000-9634-bcef91aafe6e
.mathtag.com/	1970-01-20 04:58:13	Name: mt_mop Value: 4:1656901265
.w55c.net/	1970-01-20 13:45:15	Name: wfivefivec Value: 7zUWmyp11O8bHY5
.de17a.com/	1970-01-20 12:53:25	Name: guid Value: 1.6191080479178293301
.w55c.net/	1970-01-20 04:58:13	Name: matchgoogle Value: 5
.casalemedia.com/	1970-01-20 13:00:37	Name: CMID Value: YsJOktFmdcWRqLEGyGo8JwAA
.casalemedia.com/	1970-01-20 06:24:37	Name: CMPS Value: 2563
.casalemedia.com/	1970-01-20 06:24:37	Name: CMPRO Value: 2563
.casalemedia.com/	1970-01-20 06:24:37	Name: CMTS Value: 2431
.lijit.com/	1970-01-20 13:00:37	Name: ljt_reader Value: E6rtKGZH6hokrbkvRfWZNCq6
.hit.gemius.pl/	1970-01-20 13:43:49	Name: Gdyn Value: KlGnfMXGQMQGQ3FXBiPF7HsissGMB1ooL6nxmG78TxsWlpaiGsRP7eHiGKGGqjARgGl8leB2GQRPgSVgRMSG
1plus1.ua/	1970-01-20 04:15:03	Name: hbmp_cap_h Value: eyJhdXRvbWF0YWRDX21rcCI6MX0=
1plus1.ua/	1970-01-20 04:16:19	Name: hbmp_cap_d Value: eyJhdXRvbWF0YWRDX21rcCI6MX0=
.doubleclick.net/	1970-01-20 04:15:04	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 13:00:37	Name: cid_a81bee094a544f25b97251e71779d1f4 Value: 1
.ctnsnet.com/	1970-01-20 13:00:37	Name: gid_CAESEB9uOJilA6TyUCx5P0WdlEI Value: 1
.criteo.com/	1970-01-20 13:36:37	Name: uid Value: d985f85c-afd5-4308-be7c-07de6a43b475
.innovid.com/	1970-01-20 06:24:37	Name: uuid Value: 087e0545-724d-49e7-8631-65c08f1d3d9a-20220703 22:21:07
.id5-sync.com/	1970-01-20 06:24:37	Name: id5 Value: bc6d2341-80b1-427e-a4c6-0db2f4507677#1656901268887#1
.1plus1.ua/	1970-01-20 13:36:37	Name: cto_bundle Value: iQSL-V9FS1c5ZUphVkElMkJXcXJaZGZxdUM1cjFacjh6WlRoOTN1Wjh1SjJ4RkNDZ3pTSnVLRU0xamc5ckhYQUUwZzRDeFFPdk9VRGNXcVJubU9iMCUyRmJuZ2hGTzhsUzJ3Z0lTQnJiQUpkeGZ4MGclMkZUQUw1ZU9yNnM3WWNKTnU3SzRDcFpsYndURnZjNTBicmxHbXJaVSUyRm9sV3pPZyUzRCUzRA
.1plus1.ua/	1970-01-20 13:36:37	Name: cto_bidid Value: r1iDqF9Ud0VoYU9XVnJSRGhBSDFkQVQxQTZ3VjRwV01QQm5HMEVkYnpwb0NMS2JKbFBFckJrSkVmQWRNT3VxNDYxVjMwTlZrMHozTWcxekptckNNemV3OTdrbm5xOEV4dklOMyUyQnclMkZCRVYySW9OMDQlM0Q

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1plus1.ua/(Line 2026) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9398474255730865772/index.html".
javascript	error	URL: https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Message: Access to XMLHttpRequest at 'https://rtr.innovid.com/r1.62a26dc282e3e1.36686457;cb=1656901265933153?ivc_adstxt_domain=google.com&ivc_adstxt_publisher=pub-9138247653754533&ivc_appid=&ivc_campaignid=17478450894&ivc_creativeid=430148999&ivc_orderid=28362746&ivc_dealid=&ivc_publisherid=1&ivc_site=15111889383&ivc_dsp=dv360&ivc_dbmtoken=AD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA' from origin 'https://45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://rtr.innovid.com/r1.62a26dc282e3e1.36686457;cb=1656901265933153?ivc_adstxt_domain=google.com&ivc_adstxt_publisher=pub-9138247653754533&ivc_appid=&ivc_campaignid=17478450894&ivc_creativeid=430148999&ivc_orderid=28362746&ivc_dealid=&ivc_publisherid=1&ivc_site=15111889383&ivc_dsp=dv360&ivc_dbmtoken=AD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEIzv2vjkGoAu3NcrAC-o_DDUAB0gIqGAAiEwjhhomblt74AhXFduAKHYfjCZUoATABOJGalfmaEEACSAFYmIQgEIebjs0BpvTU-nYWpeEa5dQ5P5BFWA Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.ua
1plus1.video
45b7f4277b3606e07384a3d88061ab53.safeframe.googlesyndication.com
a4p.adpartner.pro
ad.turn.com
ade.googlesyndication.com
ads.adnuntius.delivery
adservice.google.ae
adservice.google.com
adtelligent-d.openx.net
ag.innovid.com
ap.lijit.com
api.1plus1.video
assay.1plus1.ua
bid.g.doubleclick.net
bidder.criteo.com
cdn.admixer.net
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
mug.criteo.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.turn.com
rtr.innovid.com
s-video.innovid.com
s.innovid.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.mathtag.com
sync.pubwise.io
tpc.googlesyndication.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ae
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
api.1plus1.video
fonts.gstatic.com
gaua.hit.gemius.pl
images.1plus1.video
imasdk.googleapis.com
rtr.innovid.com
104.18.18.126
141.95.98.70
142.250.185.162
142.250.185.226
142.250.201.163
146.0.227.109
146.59.10.80
146.59.30.108
147.75.198.217
147.75.85.234
172.217.18.2
173.194.76.154
178.250.0.157
178.250.0.165
18.66.139.117
18.66.97.10
185.184.8.90
185.255.84.151
185.29.132.241
185.33.221.89
185.64.189.112
194.247.175.19
194.247.175.23
194.247.175.25
195.137.240.100
195.137.240.108
195.137.240.12
195.137.240.21
195.137.240.88
2001:678:cb4:bbbb::11
213.155.156.166
23.35.236.233
2404:6800:4002:80e::2003
2602:803:c004:200::140
2606:4700:3030::6815:5525
2606:4700::6810:5714
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c01::9c
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3605:733c:ed5f:ba2e:ed39
2a05:d01c:1d8:8101:3228:f44e:fd20:fc96
2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
2a05:d01c:1d8:8102:95d9:9814:5eb1:9b73
2a0c:5c81:5142::2
35.186.193.173
35.244.159.8
45.133.44.3
46.249.52.249
51.75.86.98
51.83.220.94
52.222.236.63
54.93.71.13
62.149.0.72
63.251.14.3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0775d845477ec67d30df12f018643cd5ef6021da70d54ec1772ffee13e17acf9
08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632
08eb23ff14f9a46ee4882c1d442cdd3c99385b8f3febcbed8ebe464688976320
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c6d7c39a50745368a2c1566bd478cb60be5807a949674f42c5ac34a1dbc854f
0d445a74d3a246cfcc740a2089396539a39b2a86534a69eeab2fb5bf9de93e9f
0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89
0f4116c2f3eb90f22f0851486373a2955bbf1b831e2183114cac19576847f445
0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121ba6e535d032b52c9aeed68743ea7b7ba89bef6eed3a4bb6bf78e2ae474003
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
151cd6258615872f6feccae709aa8351ba4df8a8b10033430ff1affba448399d
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
18ca855b34e8088b569c94341610b79cb68a708fa3f4a707eea6f2bd55d7089d
19a2a70441fd0a053e8d2aedb2010ae3484a0e551ecb3a10a57580263f461b7b
1a0bd43d72cdb652130131bebb879e21ff9055366fc96fc5ff9c8a3acb943a26
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
1a97b6ad77b7b2d964adcf284bba0a1305fcc7eae64b28da2befe69f8656a411
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ffabd3c51a646b79107862e39aa8446e0f6f87d822e87e21c23bf3bd47411e2
20449e789ae23b4c7ce8ac8822da7293591708bb9199ba89d662c5aefd5c897e
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7
23bc455e88fbf46b47c43d527b1ee2ebc56e78ddc2cd2e265db7a78b41fda2a9
23f6147ca5720cc69303cdbdf8ddeb002ec83b6eb14d3c914d16f965b792b32e
24128f77cf43c4cf1d19a29f2edff7ff69d990d2b8b286526eb696713f5042cc
28cb680f486692048141cc8d4577451f3509ebd757594abfd2befcf0940aa385
296cc6659eb2eb974d7c640f6e17c377d4a084a2f3df986d0c265dba2a73d8e0
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2b229fa865eb106077d1b9911b836203ccb3f38a234b07b4f5a7254b6274ae54
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2cb0ec77d4a1357c426f57e0902f8e2dca5ba6c33937990a15be829288d4823e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3261dfa5cad802f2a2e130c487ddae485cc6cee37610e285f1e936452cb74793
338c4f1f2a838c436f7bc2edc15b10fa69acafbb1fe9e6d1417d358c48939001
33b8ded1db2bd4f9a1a277b066392692c7bf16d47959e31ac402661fdf5ef167
3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36cb7a40b0ac2e45a4e00c15135d9364ac253a99f7b0511ed6d54bc2de5154ad
380e0c01b9199463a9871a0eb5a39a50919e13cc85d027cf8b9733dcd35c99dc
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3b8c6f1c219043fcc2be07cb64df80eb52ee96a9ea36943c82c47fc2dd15e844
3cb5d9faee285dc3a08d39d8ce31c83db8b5d5910e90bf3e3397b3a4c90d6ff4
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3effdf31b5136947e397969ccf1951035ba74e528e6271f1d87b90b70ad846e6
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
420acc2ce36c2f0c592b45eac0a8d66ccd940200b89134883a63ff2c224d823c
45a65ca6f7c6c876d56db7c35a6807da330e622201ec16e1a7dff27fe10fe0e6
46b5ebf7f40bb13bd710006ae54cb96f850805450f5450484964454a5656d287
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4c90a683d54591d4ddfc8a9ddc958e811c19a0b564b600e862fdc2b7c7b5256b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
52a0e22d16803d4e51088788ed33270265457717d1d64145905ed3abcd9d792e
536d3e3143304d5b269dee2eca1defcd7c409be2ee5c41aefc23226095c5398a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54aee54e1aa9fe5c4a304b2f16226324c09f0c422ff9a0bb9445cb858ae42197
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c60b494be930d9e88a69441e91009240d7c601e478cc29015322ee224422f0e
5d119e479a9613ec2d6af7619852368634db0662111058f425985d93dd0278b0
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5da6dddf993973d461962f09ed2fcdbb6c1d811cca3a584c081d71defba2dfbd
5e38610da08b4ce64af08d5fb45a599b48369d6154f94cb607a69dbba7017a59
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
6030223b5a0f8cb565b817fed301a66ff90780dd7c180bc73cb1ae921d871a9b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6927c24b0af36e882d5042b98d4a3565048a436e64c3ddcd5baf4e072a542f68
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1fab0987211581657a25273dce874d533e7aec592668da6e72ef855ad0759c
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7761c8d15ae844c050903b7fe2de9930f2709586657365ee629b68d280736726
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
78aa9e144f1e30e5739fa73d9ad4dbd01e06853dac52a3267ed0b4345a9e316e
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
79ddb902a60e533e2319d2de5a6e2af066eb3fb023546c67a4f4a4eea7c05210
7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53
7cad3fc55004252e1248b88c496b574f5cfdf57188d88989544f4a81ccf2c6f7
7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5
80393f33ac80acbeafb4fe2ab75d89a477acf81049fe91f943c81bdf750b9456
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
888110a74f51f0c1a4ebb68099d1967cdccce78f8396c109c66589728311e055
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
8feec4048c408cc892379926dc703cd302a0a79634d5bfb7e40a961a6c50c836
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
96fa53f5c7ee449368b95af8f9b354851f7f47ef24a30c820df6fdfeabab17ab
9804388cba17d2c3d7a1151cd43e79ce3d6b5ff470cef3f85fd2669c12ceacd5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98e39a85d1174c620ab799a1fd146e98394864d6ac1c94ee032217d982238145
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b02749b81bd30a9e80864ceb21e4f68a3b8b3727fbbee10165c0b181c1bdfb2
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9baa8b454d8fb2173b9edc864f62fe0e3119faa407aea571c9674ebe20085ddd
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a3eb4ecc51f5edd11da1af7ad648fb4ff5efda6460f4c1584903390d82a8ddec
a465f8f64b04557d4b857f47133d7405afddf56e08011d751affe567133afdd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab87721d1d1e549f3e63fc4500cbcd57774d725a989058eb89a50303500842d7
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
aff07859ecbbac7c3e97c830c66c57764964a3dc12d0f8d14688bcaad8d976f9
b51b3fd769f6f90e1e3a40b9b412cbec4d8e2433ce6c3a86c0aba76f038b5edb
b69757d5a23efa1f5b7a3d1eed944adce23b55e8c0f932c5e81b90dd3de0daaa
b909b4a146f98b3df02d19a45056c848c2a610df5752180c92c2afeef3548980
b970b1fb15a609a48ce9e68536d4795ed2e3294549fc05eed0bec59f62b574ee
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
ba742f176681a3603b31f011390722e48d49719c69a4d60584fe60bbaf29fb57
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc2abfe139e2fdbc14796440a1208a90ee2d40afa2c233ff6d9714bf00b587f7
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bc8da5d75140640d8da53492b5070f6ea34c9c1a1c1b53f3069cca26d4bdac01
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209
c1f3ab6460bd7cf844b4bd7591402547978fd9095bda1bedd5bb20ed9ee9a11d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c71e95bdbd1530a38828dda20abf1e853b9a07b4cd6132842b6a200e052f446d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccc34ccca1022c23dbe7b887699bd833054fe8b8fcd31dcd36f51c76f442c6c9
cd4ca82fa113fe41ab63699d0d37379b829ef235db6ccc4d77a13aa84f1bb03e
ce192f9f9abe37c4a23cd53224b50073fdf395e13a3a5bda93f4cc7d713cd1a0
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cebc9fa1ad16eea9b59549b0a11266123a182f797ed6535a1b1ae51406879d60
cf625927327c24ad69bba582df478bf480a18cf643e813292073fb2d0ff6a8c6
cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2d5b38dab063f33a17e743518b185ec00efbb4494c46f3b58571dfdc56958fc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
da2cc9b499be1080e005553fb99c124cc4e1e3bbffeaae7a86f507c3e5b512ef
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0df990919deefea7970a067bc4883d7d0b0a4271758cf451db2806766776c6e
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea156c91e5bd4f4ba41e6bb96d65b5b75f36e2afb3b33522b6deb06aa1b19d
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e6ab2c1f9d44117b891343d44495f2f7bce4695d2390b57b6ddd7d6243e90828
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e91cf6288ec4ed853e2739d3729f72b39bd8e88776fda20b457898388799627d
ecc2c6a125ce84a408d53fa9fabf2cf6f5be01e99d620a89b5ad922fad689c33
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b9a12392620e93cbf0de3947b91ff2a05a32e6a4c61468adfa5befccf64eb
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f2ff4f71b1dbaf67d8a0446572ba0138037482f146c1d3675a6d79d5106f9649
f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f4ac8e0e1b5c8c343601c37b07d456d9de4027138415fb81fa63c9b06cded148
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f759e4f69ed7f5bc9885b959b6ed6af990369670e279772f82bd7c5c5108bcd9
f7c4dd14f86219495debe24598115337ba14e4319dda983e869dfa9e1b29d63b
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f82740c25cd3082328eed81c5e2e08d0d6baf9d9c1ffcb772c42faab4ddcb84b
f94f7ed00bf647ee790a23576c2f00740c46f251831a343595f914b0ece97d1b
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
f99dd979ee36413f4963de1246116ebeaab845a8975c94e6f5b87bbd973116a3
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
fe0abf3c4bd85393310780feb423d41c8886c3a9f5f36de8fb9153eacc572d33
ff078757e91cce22ca89cdcb1e6e9098edd89df232b1e4b98312942b16b4ee70
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

1plus1.ua Open in urlscan Pro 195.137.240.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

319 Requests

90 %HTTPS

45 %IPv6

46 Domains

78 Subdomains

67 IPs

13 Countries

7331 kBTransfer

15083 kBSize

63 Cookies

28 Outgoing links

Page URL History

Redirected requests

319 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1plus1.ua Open in urlscan Pro
195.137.240.100 Public Scan

Screenshot
Live screenshot

Full Image

319
Requests

90 %
HTTPS

45 %
IPv6

46
Domains

78
Subdomains

67
IPs

13
Countries

7331 kB
Transfer

15083 kB
Size

63
Cookies

319 HTTP transactions
5 data transactions