urlscan.io logo urlscan.io
SecurityTrails logo

1plus1.ua Open in urlscan Pro
195.137.240.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1plus1.ua/
Effective URL: https://1plus1.ua/
Submission: On November 20 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 15 countries across 88 domains to perform 370 HTTP transactions. The main IP is 195.137.240.80, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 633608.
TLS certificate: Issued by R3 on November 12th 2022. Valid for: 3 months.
This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 195.137.240.80 29389 (ASN-UNIAN)
5 195.137.240.108 29389 (ASN-UNIAN)
16 2a00:1450:400... 15169 (GOOGLE)
53 195.137.240.20 29389 (ASN-UNIAN)
3 2a00:1450:400... 15169 (GOOGLE)
9 195.137.240.88 29389 (ASN-UNIAN)
4 45.133.44.4 7018 (ATT-INTER...)
2 195.137.240.12 29389 (ASN-UNIAN)
4 2a03:90c0:41:... 199524 (GCORE)
1 18.66.97.53 16509 (AMAZON-02)
1 8 54.37.238.28 16276 (OVH)
1 194.247.175.23 196831 (BEMOBILE-AS)
4 194.247.175.19 196831 (BEMOBILE-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.122 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a0c:5c81:514... 55081 (24SHELLS)
1 18.66.147.62 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 13.248.245.213 16509 (AMAZON-02)
2 3 54.38.197.123 16276 (OVH)
2 62.149.1.122 15497 (COLOCALL ...)
1 72.251.249.13 32475 (SINGLEHOP...)
2 145.239.237.56 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.0.227.109 29066 (VELIANET-...)
1 185.184.8.90 204995 (RTB-HOUSE...)
8 2602:803:c003... 26667 (RUBICONPR...)
1 147.75.85.234 54825 (PACKET)
1 185.255.84.151 200271 (IGUANE-)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2 185.172.90.252 49981 (WORLDSTREAM)
6 35.244.159.8 15169 (GOOGLE)
2 2a02:2638::24 44788 (ASN-CRITE...)
2 51.89.9.251 16276 (OVH)
1 104.21.26.154 13335 (CLOUDFLAR...)
3 194.247.175.26 196831 (BEMOBILE-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2 66.155.71.150 13768 (COGECO-PEER1)
5 18 142.250.185.226 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
4 6 37.157.2.239 198622 (ADFORM)
1 35.227.252.103 15169 (GOOGLE)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 2 185.89.210.101 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 6 142.250.74.198 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 78.46.85.162 24940 (HETZNER-AS)
3 5 104.111.239.217 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 148.251.139.77 24940 (HETZNER-AS)
3 13.41.118.175 16509 (AMAZON-02)
1 148.251.246.187 24940 (HETZNER-AS)
2 18.66.147.120 16509 (AMAZON-02)
3 13.32.121.49 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
6 3.11.224.13 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
2 162.19.138.118 16276 (OVH)
3 2.18.233.180 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 185.29.134.248 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 52.223.40.198 16509 (AMAZON-02)
1 2 185.89.210.90 29990 (ASN-APPNEX)
3 4 35.227.248.159 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 198.47.127.19 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.31.236.55 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.81 24961 (MYLOC-AS ...)
2 2 52.49.92.250 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.126.56.137 16509 (AMAZON-02)
1 1 54.76.86.77 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 52.49.35.210 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
2 2 151.101.66.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 44.207.237.180 14618 (AMAZON-AES)
4 7 52.95.126.160 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 1 52.208.205.2 16509 (AMAZON-02)
3 5 69.173.144.139 26667 (RUBICONPR...)
2 2 18.159.93.136 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 3 52.46.151.131 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 198.47.127.20 3257 (GTT-BACKB...)
1 1 141.94.170.77 16276 (OVH)
1 34.91.62.186 396982 (GOOGLE-CL...)
370 96
10    195.137.240.80 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua
1plus1.ua
5    195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua
1plus1.video
16    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
53    195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua
images.1plus1.ua
images.1plus1.video
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    195.137.240.88 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua
api.1plus1.video
4    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
2    195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua
assay.1plus1.ua
4    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
8    54.37.238.28 (Poland)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
1    194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
4    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
partner.googleadservices.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
1    18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu
ls.hit.gemius.pl
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
8    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
2    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    104.21.26.154 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ads.adnuntius.delivery
3    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
sslpagestat.mmi.bemobile.ua
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
42    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
18    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
2    2a05:d018:d29:3602:574e:c78f:197:6bf7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
6    142.250.74.198 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
partner.blau.de
5    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
3    13.41.118.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
track.webgains.com
1    148.251.246.187 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.246.251.148.clients.your-server.de
tm.simptrack.com
2    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
3    13.32.121.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-49.fra60.r.cloudfront.net
cdn.track.production.webgains.team
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    3.11.224.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
api.webgains.io
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
18    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.31.236.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-236-55.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    52.49.92.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.49.35.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-35-210.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    44.207.237.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-180.compute-1.amazonaws.com
usermatch.krxd.net
7    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.208.205.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-205-2.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.159.93.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-93-136.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
49 1plus1.ua
1plus1.ua — Cisco Umbrella Rank: 633608
images.1plus1.ua
assay.1plus1.ua
4 MB
42 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28280
ad4m.at — Cisco Umbrella Rank: 9541
assets.ad4m.at — Cisco Umbrella Rank: 36321
2 MB
34 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
ad.doubleclick.net — Cisco Umbrella Rank: 173
190 KB
30 1plus1.video
1plus1.video — Cisco Umbrella Rank: 203104
api.1plus1.video — Cisco Umbrella Rank: 248226
images.1plus1.video — Cisco Umbrella Rank: 495723
1 MB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
280 KB
19 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
token.rubiconproject.com — Cisco Umbrella Rank: 544
31 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2717
mwzeom.zeotap.com — Cisco Umbrella Rank: 2386
5 KB
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 882
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com
44 KB
13 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6186
ghb.adtelligent.com — Cisco Umbrella Rank: 6055
sync.adtelligent.com — Cisco Umbrella Rank: 4017
ghb1.adtelligent.com — Cisco Umbrella Rank: 7046
ghb2.adtelligent.com — Cisco Umbrella Rank: 9463
150 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
7 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
3 KB
10 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 64696
ls.hit.gemius.pl — Cisco Umbrella Rank: 12859
47 KB
8 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 17892
api.webgains.io — Cisco Umbrella Rank: 57986
63 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
dis.criteo.com — Cisco Umbrella Rank: 631
2 KB
7 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 26450
rtb.openx.net — Cisco Umbrella Rank: 1473
eu-u.openx.net — Cisco Umbrella Rank: 1956
us-u.openx.net — Cisco Umbrella Rank: 407
4 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
dmp.adform.net — Cisco Umbrella Rank: 4100
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
1 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 413
348 KB
5 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 46950
inv-nets.admixer.net — Cisco Umbrella Rank: 2481
85 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
pixel.mathtag.com — Cisco Umbrella Rank: 842
2 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15574
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097
static-de.ad4mat.net — Cisco Umbrella Rank: 135123
8 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 426
ib.adnxs.com — Cisco Umbrella Rank: 209
3 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
cms.analytics.yahoo.com — Cisco Umbrella Rank: 835
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
3 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
398 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
www.google.de — Cisco Umbrella Rank: 5922
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
40 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
169 KB
4 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 164907
4 KB
4 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 342091
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 361157
20 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 530
usermatch.krxd.net — Cisco Umbrella Rank: 1283
942 B
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421
27 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 45190
6 KB
3 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8982
767 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
1 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 625
script.hotjar.com — Cisco Umbrella Rank: 763
vars.hotjar.com — Cisco Umbrella Rank: 824
72 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
144 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
562 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
854 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 744
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24650
681 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1315
753 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 479
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
57 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 74155
730 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 73310
512 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3287
207 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
978 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
356 B
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7264
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
89 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
612 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3206
419 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
706 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158
396 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 12929
215 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1870
361 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
525 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20614
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 124792
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7303
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10937
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 636
166 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
493 B
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 89682
891 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 85917
517 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 62594
639 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 19106
699 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 106057
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 80510
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
17 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
574 B
1 adnuntius.delivery
ads.adnuntius.delivery — Cisco Umbrella Rank: 33895
2 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
524 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
271 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054
172 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
185 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
277 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
694 B
0 admanmedia.com Failed
cs.admanmedia.com Failed
370 88
Domain Requested by
37 images.1plus1.ua 1plus1.ua
18 assets.ad4m.at as.ad4m.at
18 cm.g.doubleclick.net 5 redirects d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
1plus1.ua
eu-u.openx.net
spl.zeotap.com
16 images.1plus1.video 1plus1.ua
15 mwzeom.zeotap.com 1plus1.ua
spl.zeotap.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at 1plus1.ua
as.ad4m.at
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
ad4m.at
10 tpc.googlesyndication.com 1plus1.ua
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
10 1plus1.ua 1 redirects 1plus1.ua
9 api.1plus1.video 1plus1.ua
api.1plus1.video
1plus1.video
client
imasdk.googleapis.com
9 pagead2.googlesyndication.com 1plus1.ua
pagead2.googlesyndication.com
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
www.googletagservices.com
8 fastlane.rubiconproject.com player.adtelligent.com
8 gaua.hit.gemius.pl 1 redirects 1plus1.ua
gaua.hit.gemius.pl
1plus1.video
7 aax-eu.amazon-adsystem.com 4 redirects 1plus1.ua
ads.pubmatic.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
1plus1.ua
6 api.webgains.io analytics.webgains.io
6 ad.doubleclick.net 6 redirects
6 www.google.com api.1plus1.video
1plus1.ua
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
5 pixel.rubiconproject.com 3 redirects 1plus1.ua
5 match.adsrvr.org eu-u.openx.net
spl.zeotap.com
1plus1.ua
ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 ghb.adtelligent.com player.adtelligent.com
5 1plus1.video 1plus1.ua
1plus1.video
4 token.rubiconproject.com 4 redirects
4 pixel.tapad.com 3 redirects 1plus1.ua
4 www.awin1.com 2 redirects as.ad4m.at
4 d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagservices.com 1plus1.ua
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
4 pa.tns-ua.com 1plus1.ua
source.mmi.bemobile.ua
pa.tns-ua.com
4 cdn.admixer.net 1plus1.ua
cdn.admixer.net
4 player.adtelligent.com 1plus1.ua
player.adtelligent.com
3 simage2.pubmatic.com ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 s.amazon-adsystem.com 2 redirects 1plus1.ua
3 sync.mathtag.com 3 redirects
3 spl.zeotap.com player.adtelligent.com
spl.zeotap.com
3 eu-u.openx.net player.adtelligent.com
eu-u.openx.net
3 ads.pubmatic.com player.adtelligent.com
ads.pubmatic.com
3 cdn.track.production.webgains.team as.ad4m.at
3 track.webgains.com as.ad4m.at
3 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
3 fonts.googleapis.com api.1plus1.video
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
3 a4p.adpartner.pro 2 redirects player.adtelligent.com
3 eb2.3lift.com 2 redirects player.adtelligent.com
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com 1plus1.ua
1plus1.video
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
1plus1.ua
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 ib.adnxs.com 1 redirects spl.zeotap.com
2 us-u.openx.net eu-u.openx.net
2 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
2 id5-sync.com player.adtelligent.com
2 mug.criteo.com 1plus1.ua
2 gum.criteo.com 1 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 analytics.webgains.io track.webgains.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 s.tribalfusion.com d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 dclk-match.dotomi.com d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net 1plus1.ua
2 imasdk.googleapis.com 1plus1.video
imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 secure.adnxs.com 2 redirects
2 sync.1rx.io 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 www.gstatic.com www.google.com
2 onetag-sys.com player.adtelligent.com
2 bidder.criteo.com player.adtelligent.com
2 pbjs.e-planning.net 1 redirects 1plus1.ua
2 hbopenbid.pubmatic.com player.adtelligent.com
2 ls.hit.gemius.pl gaua.hit.gemius.pl
2 sync.adtelligent.com 1plus1.ua
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net 1plus1.ua
connect.facebook.net
2 assay.1plus1.ua 1plus1.ua
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 px.ads.linkedin.com 1plus1.ua
1 lb.eu-1-id5-sync.com player.adtelligent.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 cms.quantserve.com 1 redirects
1 tm.simptrack.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 s0.2mdn.net imasdk.googleapis.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb.openx.net d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
1 www.google.de 1plus1.ua
1 ads.adnuntius.delivery player.adtelligent.com
1 ghb2.adtelligent.com player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 hb-api.omnitagjs.com player.adtelligent.com
1 prebid.a-mo.net player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 inv-nets.admixer.net player.adtelligent.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com 1plus1.ua
1 ap.lijit.com 1plus1.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 source.mmi.bemobile.ua 1plus1.ua
1 static.hotjar.com 1plus1.ua
0 cs.admanmedia.com Failed player.adtelligent.com
370 139
Subject Issuer Validity Valid
1plus1.ua
R3		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.1plus1.video
Go Daddy Secure Certificate Authority - G2		 2022-07-13 -
2023-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
images.1plus1.ua
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
assay.1plus1.ua
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-29 -
2022-11-27		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-10-15 -
2023-01-13		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
simptrack.com
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-10-26 -
2023-01-24		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 42 frames:

Primary Page: https://1plus1.ua/
Frame ID: 5E0C44A84B74934B58A8001601150B96
Requests: 149 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?l=ua
Frame ID: FB8FE8F534C1540C3D17915B29D3FDCE
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 19295921F6336C28A31727C1E619D0D1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 016153CDAF162A371E31A49F497D2798
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 8BCD8B625F1F72637569DE8D04310B87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7632246187727089&output=html&adk=1812271804&adf=3025194257&lmt=1668903735&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668903735223&bpp=3&bdt=643&idt=216&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7734101080132&frm=20&pv=2&ga_vid=1276797235.1668903735&ga_sid=1668903735&ga_hid=288471120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070969%2C44774292&oid=2&pvsid=1366485123648970&tmod=1100233364&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: C98A46BC5257529EA3033CD1A677B8F2
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 41518E6E375AA7D3C68D0852BC37C387
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: FF0E0A4409FB592E95183401FFB6A8FA
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 686D7C3F484C7C72EAF194022327EC2A
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 5EDF85A7661DD8C163BEA82CDD2D8AEB
Requests: 1 HTTP requests in this frame

Frame: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0D5AD0E803564284F521668A2C042FB
Requests: 1 HTTP requests in this frame

Frame: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4C9C331B0F221CDE6CD07CBB1585A0F
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: 2D73C772A79A657CD8F79EF0B3E2BE59
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Frame ID: 8063780375C84C57172AAFD4FABA2346
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B63C62CD00156E8FFC55968250DDA3B4
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0B79501636A5F8563CEC618369BF8F30
Requests: 1 HTTP requests in this frame

Frame: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95EB74D30965AF73AF405C8CCF0D1174
Requests: 10 HTTP requests in this frame

Frame: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 639231C93EE0735A50F92B5415ACE84D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: ABE94FD63B113D65B852734BE73FEA4C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4682162E7B283C09601C0769F5F92EC5
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: 75C9CF3DFA4B889FFF1A18E03D62411D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F42B975A3155A4ACA93E9D9F681134A1
Requests: 4 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: E434DC566D55AEBB8471F8EAF9080676
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Frame ID: FB0FE53A2C9D07ECD8D82E8160FBEEA9
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_uk.html
Frame ID: 966F63E77C5EB88BAD5788B6AF1CD2F3
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F8458C3C3A3F2FC3EA56B94114D81BE2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9B37FFA5CDF3988381C393987F9723E8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Frame ID: C0E70BCC9B7F7419DC88BDC9227D2C1A
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Frame ID: 06F31A4DBBB2D8F497D3F7D125369386
Requests: 16 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 378330781C2FE52A0390D9AC92994456
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: F26A5484002C7DE316D2526DBFEC0898
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668903736339&gdpr=0
Frame ID: C30C3E7772C036D1591482862E5EB55E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: 488B248E6D766A1806F50AAF6A44E797
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 95C66EA925F2FAE84103E2A771C26F9E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 16643B5C8CED6A679AC24ECDBFDDE589
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&cmp=0
Frame ID: F34DF4CF502DE658CA6EEE57DC23F051
Requests: 34 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5A2D5A56-8744-4E8D-8693-9300D2F1536D&gdpr=0&gdpr_consent=
Frame ID: EA1917F5171339CB47FE48472F2B1E97
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2985599642028976788
Frame ID: 807BF23C291173781A0584851449C45C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5da66379-733b-4600-a404-3d30ac5e6104&gdpr=0&gdpr_consent=
Frame ID: 83619CF4252510A2A400B2F72B7642B5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8CC8859FC73A34DB64FD6E106A1C1BF3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D1991382777D6EDBB0656A4F75FC1A03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4478709472869750710&gdpr=0&gdpr_consent=
Frame ID: D65D1A60C9256C2E1750FB82FE08FDBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

  1. http://1plus1.ua/ HTTP 301
    https://1plus1.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

370
Requests

86 %
HTTPS

32 %
IPv6

88
Domains

139
Subdomains

96
IPs

15
Countries

9210 kB
Transfer

15224 kB
Size

121
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1plus1.ua/ HTTP 301
    https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
Request Chain 110
  • https://gaua.hit.gemius.pl/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=5ycarj4KVytOpcd42Rvndpa7jbyPR5Or1ZUMYyO83nL.u7GB9U2jn6CA3.f.2TEn6VRFSExvVEwa6lDTl.WjJK1rSNAS/OBpTfY5LG7_Zx/&fpdata=-TURNEDOFF&ltime=373&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63797337225f64eb HTTP 301
  • https://gaua.hit.gemius.pl/__/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=5ycarj4KVytOpcd42Rvndpa7jbyPR5Or1ZUMYyO83nL.u7GB9U2jn6CA3.f.2TEn6VRFSExvVEwa6lDTl.WjJK1rSNAS/OBpTfY5LG7_Zx/&fpdata=-TURNEDOFF&ltime=373&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63797337225f64eb
Request Chain 140
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=72ccc80c-3ac5-4c4c-9648-2dec046a6e25 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=72ccc80c-3ac5-4c4c-9648-2dec046a6e25
Request Chain 170
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHVlt99di2YRwOLjhKzUe_U&google_cver=1&google_push=ASkJ3FZNfIOAfwP57t7t-VZRRRgu8DW5bPeC5ucLQ21MS8yuwrs-JuXML7PgYBiPrU-oIFYLnweOj_NrxXHkVxeubJEIoua_oZSA HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHVlt99di2YRwOLjhKzUe_U&google_cver=1&google_push=ASkJ3FZNfIOAfwP57t7t-VZRRRgu8DW5bPeC5ucLQ21MS8yuwrs-JuXML7PgYBiPrU-oIFYLnweOj_NrxXHkVxeubJEIoua_oZSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=rdWV_sXITFWKMO3EoT2KkmN5czg
Request Chain 171
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFXgWu9AelanOtlGFWccjsM&google_cver=1&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6hoXZG9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6hoXZG9&google_hm=NTUyMTkyMzA2MDkwODEzNDk2MQ%3D%3D
Request Chain 172
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPSQxdNfGcTYCskTre7bu4E&google_cver=1&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3Vo8xCqkJ8yIKjwOjCjNhI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPSQxdNfGcTYCskTre7bu4E&google_cver=1&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3Vo8xCqkJ8yIKjwOjCjNhI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE0NzY2NDg5NTA1MDkwOTg5Mw&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3Vo8xCqkJ8yIKjwOjCjNhI
Request Chain 174
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPmPioVP5N0JKpTx0JPMcvc&google_cver=1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1668903736793 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b7b4fc17-c3ce-48d5-b2e2-d325f0f02427-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP%26google_hm%3DA7e0_BfDzkjVsuLTJfDwJCc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&google_hm=A7e0_BfDzkjVsuLTJfDwJCc
Request Chain 175
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI7xDlbflHQ0ukZ_YPMK05Q&google_cver=1&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn&google_gid=CAESEI7xDlbflHQ0ukZ_YPMK05Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5MTg4MTg1MDIzNTIyNzkwNDQ5Ng%3D%3D&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn
Request Chain 176
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0s080F3kx31z0HhDCjhTKAKb30WMRU1RcykJax1DkbCY53Snpxt7OemMsg7m77TRRh3 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI2FmzYLXbbJHALBQ1Xe-ZQ%26google_cver%3D1%26google_push%3DASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0s080F3kx31z0HhDCjhTKAKb30WMRU1RcykJax1DkbCY53Snpxt7OemMsg7m77TRRh3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ3ODcwOTQ3Mjg2OTc1MDcxMA%3D%3D&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0s080F3kx31z0HhDCjhTKAKb30WMRU1RcykJax1DkbCY53Snpxt7OemMsg7m77TRRh3
Request Chain 220
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 223
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 240
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPf7wfO-u_sCFWuF_Qcdh10OkA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 243
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CP20wvO-u_sCFVGK_QcdlnMJjw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112001221878702816339X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Request Chain 246
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=63e83310-6869-11ed-adce-2234a4c513ba&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1668903737_63e83310-6869-11ed-adce-2234a4c513ba&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 262
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPClzfO-u_sCFXDzEQgdDU8Oqw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668903737_641d4cd1-6869-11ed-9f2f-2266c0ccb091
Request Chain 294
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=J0-1rnx5OUxNMnA3VWdXYzV0T1Fsa1BVcUhaUXRqNFdHdXhidWFVN3JVei8zMWRaTWZKbWR2MUJaSGk2aDg0elBtNC9vSUZKMkk2bkNwbVZmajZhTk5kbGdjYjBuZmFwUG9SUUY4Q04vODF2aHFyclBkUDJXaUgwVnkwVDVQc0tTU0dPUTZ0ZmhWZW40d05ibk1Bdm10Qlc5aVZFQnBjRE1VT25oUTZYNVBrRHdTUkdpUVlpeVNCOFhBbzRkd3hOVTNBeGFhWTVBWXEwU3Vmd3FJK1RGOHR2L2tybzBpeDdPaURxUEE0OTBUT21SWHV3PXw&cppv=2
Request Chain 302
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
Request Chain 303
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5da66379-733b-4600-a404-3d30ac5e6104
Request Chain 304
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=fpkmpX-ZIv5lyHKscMg8_Syed6hlkyGseM6ABCL4
Request Chain 305
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3147664895050909893
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGYerEsq6G0lerB9neJgkHA&google_cver=1
Request Chain 311
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d350f000-c9e4-4019-ae76-c33cdf0bbe9b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 317
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4d7d611a-dadf-48a0-91a6-0a97b5adba6c&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 318
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=65116546366224656253879846267361715270&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 320
  • https://bn01.er.bemail.it/zeotap.php?_bid=aa886939-d386-4429-5d25-8448ff4b21c8&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022112001-13659-0.020611001668903740-0e54444c17ce0d4f14f81a8a5696f01d&zdid=533&env=mWeb
Request Chain 321
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7167886983472281754&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 322
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8
Request Chain 323
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=aa886939-d386-4429-5d25-8448ff4b21c8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=aa886939-d386-4429-5d25-8448ff4b21c8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361&bounce=1&random=222179624 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=7AM3mf1VuTzKi2NnK7tyc.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 325
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=aa886939-d386-4429-5d25-8448ff4b21c8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=aa886939-d386-4429-5d25-8448ff4b21c8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=6330babf1dab9342281cf35680271384&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 326
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-nULayBxE2orXgoIL421qRIZNWpbzud5L6Q--~A&zpartnerid=570&env=mWeb
Request Chain 327
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9MhQKoDjAsvKbmhD1UeFbdd0rthDLDEP%2BS41iYitP1U%3D
Request Chain 331
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361&_test=Y3lzPAAAASg8WQAr HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3lzPAAAASg8WQAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&_test=Y3lzPAAAASg8WQAr
Request Chain 332
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5da66379-733b-4600-a404-3d30ac5e6104&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 333
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 334
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&dcc=t
Request Chain 336
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 337
  • https://pixel.rubiconproject.com/token?pid=41544&puid=aa886939-d386-4429-5d25-8448ff4b21c8&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LAOM70GX-1S-2Z32&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 338
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=302a874d-30fe-4835-b8fc-09aabc309c7e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC273ia5WMS9pcJAcbB9m94&google_cver=1
Request Chain 347
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTTcwR1gtMVMtMlozMg==&gdpr=0
Request Chain 348
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HsmcSkrOQMOSf-5WW1TUKw&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HsmcSkrOQMOSf-5WW1TUKw&gdpr=0
Request Chain 349
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTRjZmI2ZDkzZjZjYjdkZjA1MzQzZmQwZWFlZDA5ODY1ZmViMzZlZg&gdpr=0
Request Chain 351
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LoobtV7dTaK1qjDGHZTlKA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LoobtV7dTaK1qjDGHZTlKA&gdpr=0
Request Chain 352
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOM70GX-1S-2Z32&gdpr=0
Request Chain 353
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3QMOFHC3ISVTm1WlZdtNqsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5521923060908134961
Request Chain 356
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2985599642028976788
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5da66379-733b-4600-a404-3d30ac5e6104&gdpr=0&gdpr_consent=
Request Chain 359
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 360
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4478709472869750710&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wi1aVodETo2Gk5MA0vFTbQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5da66379-733b-4600-a404-3d30ac5e6104
Request Chain 363
  • https://pixel.onaudience.com/?partner=214&mapped=5A2D5A56-8744-4E8D-8693-9300D2F1536D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUEyRDVBNTYtODc0NC00RThELTg2OTMtOTMwMEQyRjE1MzZE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKAwTWCYA7xztOf00h3f8fI&google_cver=1
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3147664895050909893

370 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1plus1.ua/
Redirect Chain
  • http://1plus1.ua/
  • https://1plus1.ua/
301 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
ef594ffbeb9ecf07b43cf04f4e3b534af93c9c8cf4b7c0b76bb08fc3fee304a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 20 Nov 2022 00:22:14 GMT
Keep-Alive
timeout=15
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Sun, 20 Nov 2022 00:22:13 GMT
Keep-Alive
timeout=15
Location
https://1plus1.ua/
Server
nginx
desktop.css
1plus1.ua/build/css/ 		136 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jun 2022 13:34:00 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sun, 27 Nov 2022 00:22:14 GMT
api.0.3.0.js
1plus1.video/static/player/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1plus1.video/static/player/js/api.0.3.0.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 14:17:47 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:19:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6224c9a892da8a5a42b865d71312b8afb2f0fd16fe33a3b8e4a54e0e910ce496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49185
x-xss-protection
0
server
cafe
etag
16631322154173019058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 00:22:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7632246187727089
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13d8a627dc93f7abb28f3188a686a67da61bac54d7ff4a2845e489af5455c358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49052
x-xss-protection
0
server
cafe
etag
1861226033852127430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 00:22:15 GMT
d97000c9915c066679cdbca79e0c2464_1050x960.jpg
images.1plus1.ua/uploads/articles/001/167/616/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/167/616/d97000c9915c066679cdbca79e0c2464_1050x960.jpg?v=1668513839
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
7cddb82115dc2cad07836d02b428ddc84d73a3e54d2bb23e9aa332097225747c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 15 Nov 2022 12:25:37 GMT
server
nginx
etag
"bb3285f8d131a6454e7104dafacc7e3c"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
113002
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
d997d0e8a70c2f1c6f365bfb97348cda_1050x960.png
images.1plus1.ua/uploads/articles/001/170/973/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/170/973/d997d0e8a70c2f1c6f365bfb97348cda_1050x960.png?v=1668767836
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
c9a06cac4fe63810cc312538821dcacf6363d982c2bf6a50ad4ed2936bd5d6cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 18 Nov 2022 10:55:01 GMT
server
nginx
etag
"43eb8aa769a59c4f28a8ccc49a3d21ed"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1302944
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
c93c6c02e64df1afb90c2cfaf56c17af_1050x960.jpg
images.1plus1.ua/uploads/articles/000/837/292/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/837/292/c93c6c02e64df1afb90c2cfaf56c17af_1050x960.jpg?v=1643815775
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
397241284c4b2768d7456e491c3c3c82e3f6cd268c67bb2fa80f8539a8aef9fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 02 Feb 2022 15:29:37 GMT
server
nginx
etag
"f24c229359ed194b764f69054541f1c8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
88013
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
147c5f537447979aa425fa91c33da398_1050x960.jpg
images.1plus1.ua/uploads/articles/001/165/237/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/165/237/147c5f537447979aa425fa91c33da398_1050x960.jpg?v=1668420004
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
4155e360a106b86bcd01915be50a7d6fc025691d9d8e0f339ef439f1358213bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 14 Nov 2022 10:00:05 GMT
server
nginx
etag
"eee0b2f49922bb7cb3bfd6f0be695e8c"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
139941
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
c47a347f6a4a9e55e291a2bf33ef0761_210x150.jpg
images.1plus1.ua/uploads/articles/001/164/826/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/164/826/c47a347f6a4a9e55e291a2bf33ef0761_210x150.jpg?v=1668412892
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
2fe4836430a377f67538986f4cbefc51ed9b7ef7537abc4d57cdc1ed312508a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 14 Nov 2022 13:44:34 GMT
server
nginx
etag
"09267c26ea4025d1335c36daa3bb7423"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7376
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
e08ec49117fccecdf6ce4152907a209a_210x150.jpg
images.1plus1.ua/uploads/articles/001/159/957/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/159/957/e08ec49117fccecdf6ce4152907a209a_210x150.jpg?v=1668000955
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
8d03673bdb38cd2472faa49e77089961aacd346205a99d6007d2f0236563ed5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 09 Nov 2022 13:35:56 GMT
server
nginx
etag
"8a93fe25dec119f3ef44b94b382b4018"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7868
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
be9c898521362ee536a717f1acce329c_210x150.jpeg
images.1plus1.ua/uploads/articles/001/138/198/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/138/198/be9c898521362ee536a717f1acce329c_210x150.jpeg?v=1666793099
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bc5e9b73d737dacb15a7dd445b746e28fba4864a3b1e184a8793a8a4b07eaba2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 26 Oct 2022 14:04:59 GMT
server
nginx
etag
"00f506424b3e9b73ccc21a404bb99095"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8873
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
4ce64a00b9e2d1b0212829f934cadf0d_210x150.jpg
images.1plus1.ua/uploads/articles/001/149/178/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/149/178/4ce64a00b9e2d1b0212829f934cadf0d_210x150.jpg?v=1667395463
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
58992c45ffa95bd202e9187cc9ebb80225911bfe7a4c45c37abe8e9ee830667e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 02 Nov 2022 13:24:24 GMT
server
nginx
etag
"6ed1f9ed634f813138d155cdeb5341ab"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5654
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
bc3f2e0d61609fb0695bdffb7fea84d6_210x150.png
images.1plus1.ua/uploads/articles/001/156/261/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/156/261/bc3f2e0d61609fb0695bdffb7fea84d6_210x150.png?v=1667898144
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
4e4f8f2b650d27c85ec7005783d9d39ae82a54172fcf23329a81388ee2837d3b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 08 Nov 2022 09:02:24 GMT
server
nginx
etag
"19a3d9aeb9b0d0f08f6252208740b58f"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
49841
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
41c09b2152990fdd3125f7178b81647d_210x150.png
images.1plus1.ua/uploads/articles/001/167/436/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/167/436/41c09b2152990fdd3125f7178b81647d_210x150.png?v=1668512513
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
4d47c1ca3d82a56c25eb8670f9ecbe93721581fab2d02ff5cfec1ebbe5c1c376

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 15 Nov 2022 11:41:54 GMT
server
nginx
etag
"fb1863df25364393cc42079f368bcd46"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43817
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
e26d8ed33cb4dac37f9a46f8f50a39fa_210x150.jpg
images.1plus1.ua/uploads/articles/000/757/480/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/757/480/e26d8ed33cb4dac37f9a46f8f50a39fa_210x150.jpg?v=1637328484
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f141c4804f5922f85bebcc912a51c399d218f36f96aa3361b845d00643fa8264

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 19 Nov 2021 13:28:04 GMT
server
nginx
etag
"38eaa3b98930e9037e36d568e0b90c9a"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8012
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
061fb5ab9be430c6ca5ff48d92ed0676_210x150.jpg
images.1plus1.ua/uploads/articles/001/172/512/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/172/512/061fb5ab9be430c6ca5ff48d92ed0676_210x150.jpg?v=1668812628
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
6422f2c551d075ba22afd66575ce2cb24865bca4c67d81369e7bbfd0cdfe6f93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 18 Nov 2022 23:03:50 GMT
server
nginx
etag
"a5d77a88b91bd3a3441d264c32af1903"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4119
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
8a334a4e05e65169a74577ee321ea02e_210x150.jpg
images.1plus1.ua/uploads/articles/001/171/792/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/171/792/8a334a4e05e65169a74577ee321ea02e_210x150.jpg?v=1668782514
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
2ee685fd2ec940b0dfae9c6e490f9fdc64b2a5e47d2898577dc6308d9ce8394d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 18 Nov 2022 14:41:56 GMT
server
nginx
etag
"be0943af702b2b3462b9300570a8b587"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7924
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
a42c6f084a6e7eaf137fc3ddd5ea9786_210x150.jpg
images.1plus1.ua/uploads/articles/001/171/606/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/171/606/a42c6f084a6e7eaf137fc3ddd5ea9786_210x150.jpg?v=1668775440
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
16fce2fc06098924253d797fbf18040dd0881c9db76920604157794050827e53

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 18 Nov 2022 12:44:03 GMT
server
nginx
etag
"7b9cb16e41a7304ab6ad11d1d6e2c91a"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6630
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
21ed0c0ff27bb8b4edbaa716078c9e01_210x150.jpg
images.1plus1.ua/uploads/articles/001/170/091/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/170/091/21ed0c0ff27bb8b4edbaa716078c9e01_210x150.jpg?v=1668694090
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
37517d427912ff59ee0d7fabc6b1d0cc4184b5aff93436279ce707fcef32e311

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Thu, 17 Nov 2022 14:11:36 GMT
server
nginx
etag
"b0022e6c7c7645703ea86f22eedb442e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4458
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2204be79bb578c0c4fda4fd9eaa67a109ed9728e89aacf67f34ea156f351e546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52446
x-xss-protection
0
last-modified
Sun, 20 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Nov 2022 00:22:15 GMT
app.js
1plus1.ua/build/js/ 		315 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jan 2022 11:37:07 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sun, 27 Nov 2022 00:22:14 GMT
l.js
api.1plus1.video/u/ 		895 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
05f3123a31d48faacc7c4cbbce13cc915e2bca98f0ad2d1237f06ef8f4944e98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://1plus1.ua
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
wrapper_hb_298309_4139.js
player.adtelligent.com/prebid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19316
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 22 Nov 2022 00:22:15 GMT
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 15:56:06 GMT
server
nginx
etag
W/"63765996-6c4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
piwik.js
assay.1plus1.ua/ 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assay.1plus1.ua/piwik.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
assay.1plus1.ua
Software
nginx /
Resource Hash
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Tue, 08 Jan 2019 00:15:41 GMT
server
nginx
etag
W/"5c33ebad-e3b1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-20T00:14:30+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 17 Nov 2022 09:34:09 GMT
hotjar-1437498.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1437498.js?sv=6
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
78644c31284bdee663418e2ca2e704cd7cc4d4a76eda0909fe178b7ecdb020f0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 20 Nov 2022 00:22:15 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/617174cdc33c3327a19c9fcd8bb1edb6
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
v0n7U1m96Lct_aV4DNcZICkG-CL4Cyr9-cWdQaDKOo5kJ29SMZOCMA==
1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:14 GMT
Last-Modified
Tue, 12 Oct 2021 22:31:59 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
40500
Expires
Sun, 27 Nov 2022 00:22:14 GMT
1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:14 GMT
Last-Modified
Tue, 12 Oct 2021 22:31:59 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
39364
Expires
Sun, 27 Nov 2022 00:22:14 GMT
dancingStars__slide.jpg
1plus1.ua/build/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Last-Modified
Tue, 09 Nov 2021 09:53:25 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
34003
Expires
Sun, 27 Nov 2022 00:22:15 GMT
1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Last-Modified
Tue, 12 Oct 2021 22:31:59 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
43528
Expires
Sun, 27 Nov 2022 00:22:15 GMT
1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Last-Modified
Tue, 12 Oct 2021 22:31:59 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
38848
Expires
Sun, 27 Nov 2022 00:22:15 GMT
1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer
https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Last-Modified
Tue, 12 Oct 2021 22:31:59 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
40576
Expires
Sun, 27 Nov 2022 00:22:15 GMT
8a334a4e05e65169a74577ee321ea02e_770x420.jpg
images.1plus1.ua/uploads/articles/001/171/792/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/171/792/8a334a4e05e65169a74577ee321ea02e_770x420.jpg?v=1668782518
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
49fe0811375c5c80bf4b60765f8675533efe054945a25a222f16d2fdbef294d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 18 Nov 2022 14:42:00 GMT
server
nginx
etag
"c8654f335f3aff72811d5ed9d58dbca1"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
45016
x-1p1-cdn
HIT; Sun, 20 Nov 2022 00:11:22 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
e26d8ed33cb4dac37f9a46f8f50a39fa_490x1050.jpg
images.1plus1.ua/uploads/articles/000/757/480/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/757/480/e26d8ed33cb4dac37f9a46f8f50a39fa_490x1050.jpg?v=1637328484
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
746826c1aee497891f41c97911faf8c7ec3801715445c96059368486f0b65e54

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 19 Nov 2021 13:28:05 GMT
server
nginx
etag
"aa21ae9cd012345a860740ee19e488c8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43103
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
21ed0c0ff27bb8b4edbaa716078c9e01_770x420.jpg
images.1plus1.ua/uploads/articles/001/170/091/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/170/091/21ed0c0ff27bb8b4edbaa716078c9e01_770x420.jpg?v=1668694093
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
7cd827fb92bcd9fc2feb1ea3aae9b3b7887a24f66ec46930f8f6c90afd2609e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Thu, 17 Nov 2022 14:12:09 GMT
server
nginx
etag
"c054fccc053b88904810070fb2e04f71"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
29132
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
41c09b2152990fdd3125f7178b81647d_770x420.png
images.1plus1.ua/uploads/articles/001/167/436/ 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/167/436/41c09b2152990fdd3125f7178b81647d_770x420.png?v=1668512515
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
73249429a1a85bf4f411248739f96010d3ec42e832062424c50a743ba0114bbf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 15 Nov 2022 11:41:56 GMT
server
nginx
etag
"9049413f9cb4a13f1e99c1586bf5f3e6"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
465181
x-1p1-cdn
HIT; Sun, 20 Nov 2022 00:11:22 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 10 May 2022 11:23:34 GMT
server
nginx
etag
"fc7e2658bd1f9868a872f0295e5ecce9"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
67985
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 21 Feb 2022 15:10:07 GMT
server
nginx
etag
"b9d33f76e570821d980e3a7595b7f15a"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
13745
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 07 Feb 2022 10:25:12 GMT
server
nginx
etag
"1e490b3e02de4533a0e0d3577347d4e7"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
13088
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 07 Feb 2022 13:10:49 GMT
server
nginx
etag
"3b63edeebc085c7329eb132a56399239"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25029
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 07 Feb 2022 09:11:08 GMT
server
nginx
etag
"a679dc9f06348d06073cc07e617ecdc8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
29355
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 22 Feb 2022 14:11:56 GMT
server
nginx
etag
"f4a4cdc50a9738d9bf7bef45569acf60"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3652
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
9da3f01e570b8a62d591bb08b3891fd5_140x140.png
images.1plus1.ua/uploads/articles/001/133/830/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/133/830/9da3f01e570b8a62d591bb08b3891fd5_140x140.png?v=1666378682
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 21 Oct 2022 18:58:02 GMT
server
nginx
etag
"464c857a9953e9f8e069a81472c26686"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
24216
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg
images.1plus1.ua/uploads/articles/001/097/878/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/097/878/3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg?v=1663315728
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 16 Sep 2022 08:08:48 GMT
server
nginx
etag
"b4913e8e033cc5b9ac53b225d1b3edba"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3766
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
f8e670099b35be64983f9897f4e6bdb6_140x140.jpg
images.1plus1.ua/uploads/articles/001/037/671/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/037/671/f8e670099b35be64983f9897f4e6bdb6_140x140.jpg?v=1657801679
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Thu, 14 Jul 2022 12:27:59 GMT
server
nginx
etag
"fa8d98c12377f81bc679bc80f4f69816"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4707
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
e0986beb47e21ded981cc0f92685e782_140x140.jpg
images.1plus1.ua/uploads/articles/001/029/724/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/articles/001/029/724/e0986beb47e21ded981cc0f92685e782_140x140.jpg?v=1657181867
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Thu, 07 Jul 2022 08:17:48 GMT
server
nginx
etag
"97395a5ea5b286a352afe6c2cef41eef"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5025
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 15 Jun 2021 14:24:39 GMT
server
nginx
etag
"a87fa4df91a2dc0e28d9c245f9b31a56"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
13066
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 15 Jun 2021 14:24:45 GMT
server
nginx
etag
"2e74435d3edf5310a445de62177853fb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
11649
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 01 Jun 2021 10:56:33 GMT
server
nginx
etag
"5df517d83b1757de3cf407fdcd55b5a0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9392
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 01 Jun 2021 10:56:41 GMT
server
nginx
etag
"7ea4a7d31c835975e1e8be8db6f4f88c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
8104
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 01 Jun 2021 10:56:28 GMT
server
nginx
etag
"c134988e94035ff0ee6cd435dde2c1e3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10297
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
E2fzXbha
1plus1.video/video/embed/ Frame FB8F 		11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
b47424e5e00e72a9c771c8b5d01eb2a30f846c3b38b2613aab2692db3596a4b8

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 20 Nov 2022 00:22:15 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=15
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
48d74967a7fb54c2cf6df7b12a0eea49.190x105.jpg
images.1plus1.video/card-6/H2qwlKg2/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-6/H2qwlKg2/48d74967a7fb54c2cf6df7b12a0eea49.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
24e7aea27b4dff26bf745dbf3d8e68b4c27d0846008401b71796c2c2154a73bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Sun, 13 Nov 2022 22:09:28 GMT
server
nginx
etag
"676129690e350c99dd82262fd7a37475"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12406
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
bce09c7680e988dc8b9128d629f32bb7.190x105.jpg
images.1plus1.video/card-6/HaqwFoSa/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-6/HaqwFoSa/bce09c7680e988dc8b9128d629f32bb7.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
8fe0fdb2b9207a73e3ef2838107287c40fbe1257c485a07e7f9af8207c23ad24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Sun, 06 Nov 2022 22:30:31 GMT
server
nginx
etag
"d7474b89ade683c29fcb70630ec3191f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12433
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
9476628aa8f3aec77169149edb23192d.190x105.jpg
images.1plus1.video/card-6/oRGs5fDC/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-6/oRGs5fDC/9476628aa8f3aec77169149edb23192d.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Sun, 30 Oct 2022 19:17:52 GMT
server
nginx
etag
"cbc9b8fe7616565197c3780b28c5ed67"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12419
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
6a42bf816f07e23224977bc63de9c2ae.190x105.jpg
images.1plus1.video/card-6/H2qwU8P2/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-6/H2qwU8P2/6a42bf816f07e23224977bc63de9c2ae.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Sun, 23 Oct 2022 18:47:38 GMT
server
nginx
etag
"cbc9b8fe7616565197c3780b28c5ed67"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12419
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
29a1581579575c25a7e1bcd10bcee847.190x105.jpg
images.1plus1.video/card-6/qC0UAIp2/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-6/qC0UAIp2/29a1581579575c25a7e1bcd10bcee847.190x105.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Sun, 16 Oct 2022 20:08:26 GMT
server
nginx
etag
"cbc9b8fe7616565197c3780b28c5ed67"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
12419
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 27 Nov 2022 00:22:15 GMT
52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 22 Feb 2022 19:23:10 GMT
server
nginx
etag
"83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
35041
x-1p1-cdn
HIT; Sun, 20 Nov 2022 00:03:13 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
240de918a00b0e609c0e7b5c81bbf561_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/440/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561_755x500.jpg?v=1661864391
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 24 Aug 2022 13:50:30 GMT
server
nginx
etag
"9744b481d651c3f3984cba0f7a3e6af8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
48053
x-1p1-cdn
HIT; Sun, 20 Nov 2022 00:03:13 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
3b2dafe0170389d730ee64edf0bc44c0_755x500.png
images.1plus1.ua/uploads/gallery/001/079/449/ 		487 KB
487 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/001/079/449/3b2dafe0170389d730ee64edf0bc44c0_755x500.png?v=1661864454
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 24 Aug 2022 13:51:32 GMT
server
nginx
etag
"2b6d874276e6f9a3ad3348d97c110928"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
498264
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/413/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/001/079/413/8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg?v=1661864350
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 24 Aug 2022 13:47:57 GMT
server
nginx
etag
"7ca762a988131f5bcbcf50a820b85dc4"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
58142
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
2cb1a102d69eac6570896b3c56145979_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/431/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/001/079/431/2cb1a102d69eac6570896b3c56145979_755x500.jpg?v=1661864431
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Wed, 24 Aug 2022 13:49:58 GMT
server
nginx
etag
"8a5cbe7c5cff07959609f169fdd6dfe6"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
41463
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 22 Feb 2022 11:40:02 GMT
server
nginx
etag
"cde866112b4b81b54aa1bd45cc67011d"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
30780
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
28171d2034538ff08ebe1197f24baf19_755x500.jpg
images.1plus1.ua/uploads/gallery/001/084/672/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/001/084/672/28171d2034538ff08ebe1197f24baf19_755x500.jpg?v=1661866110
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 30 Aug 2022 13:28:32 GMT
server
nginx
etag
"d9d3829ea7bc2f7aab70e5ad16f7984f"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
27756
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Tue, 22 Feb 2022 11:41:33 GMT
server
nginx
etag
"1aa71e70bddf3967c0297a3b71f6dbc7"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26725
x-1p1-cdn
MISS; Sun, 20 Nov 2022 00:22:15 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
xgemius.js
gaua.hit.gemius.pl/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 11:36:49 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17204
expires
Sun, 20 Nov 2022 12:22:15 GMT
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:53:34 GMT
server
nginx/1.13.0
etag
W/"5dc27bfe-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:53:34 GMT
pic.gif
pa.tns-ua.com/bug/ 		56 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.9346855273775485
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
-1
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ab4a908fe3410ef7a0730208fc6bed17c25a62588fe9954525f3bf1f9e0fbed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Nov 2022 00:22:15 GMT
content-md5
P9xN0gPH3Y2XwmMcGlW+IQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
EuoZ917KiVS8xgtR3la/jo56aY6zuE/bqtCOxvSoFkYA7Js75TnZDX6P/PgsOiuuHZAOuYWssx6f9cpNPKP8VQ==
x-fb-trip-id
686109401
x-fb-content-md5
15f68255fd940b667075b57cb62d66d5
cross-origin-opener-policy
same-origin-allow-popups
etag
"399e758bbc5c3139164f5f7392f64ee8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Sun, 20 Nov 2022 00:32:09 GMT
ovva.0.3.0.css
1plus1.video/static/player/css/ Frame FB8F 		171 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Nov 2021 13:05:56 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:19:56 GMT
ovva.0.3.0.js
1plus1.video/static/player/js/ Frame FB8F 		198 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 10:03:07 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:20:17 GMT
js
www.googletagmanager.com/gtag/ Frame FB8F 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-104502981-1
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5036dfdb2d6b9858b2ee97cca80b509bd1df0cab47f2755aed4ac1f8c4e59fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43607
x-xss-protection
0
last-modified
Sun, 20 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Nov 2022 00:22:15 GMT
hbw_master_298309_4139.js
player.adtelligent.com/prebidlink/19316/ 		129 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19316
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
6b822ac73356b73c74308043eeaf4678fd5e23fe896c6fea92e67c5a98030ebe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 22 Nov 2022 00:22:15 GMT
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 15:56:06 GMT
server
nginx
etag
W/"63765996-20442"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hb_298309_4139.js
player.adtelligent.com/prebidlink/19316/ 		352 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19316
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 22 Nov 2022 00:22:15 GMT
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 12:05:27 GMT
server
nginx
etag
W/"635fba07-580bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1397 / 192 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Nov 2022 00:22:15 GMT
modules.55241fd65a1af5a1837b.js
script.hotjar.com/ 		262 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.55241fd65a1af5a1837b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
220569
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68617
last-modified
Thu, 17 Nov 2022 11:05:52 GMT
etag
"5f82b1a8e62b6a241154cb066c4d1ad8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
6tdEjCi9Hy1RAUrB6H0lUOy9eAz0zFy_1njqybnI6FbKGiXoq5Q0Zw==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua&bust=31070969
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7632246187727089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119174
x-xss-protection
0
server
cafe
etag
7046955651309407837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 20 Nov 2022 00:22:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 1929 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7632246187727089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 11:52:38 GMT
etag
10353107486223812946
expires
Sat, 03 Dec 2022 11:52:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/51428/ Frame 0161 		738 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 20 Nov 2022 00:22:15 GMT
etag
W/"6375fd72-2e2"
expires
Sun, 19 Nov 2023 03:55:11 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-18T03:55:11+00:00
x-id
fr5-up-gc34
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/51428/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:56 GMT
server
nginx
etag
W/"6375fd70-5d41"
vary
Accept-Encoding
x-cached-since
2022-11-18T03:55:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 03:55:11 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/51428/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:47 GMT
server
nginx
etag
W/"6375fd67-12c39"
vary
Accept-Encoding
x-cached-since
2022-11-18T03:55:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 03:55:11 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 23:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3446
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 20 Nov 2022 01:24:49 GMT
api.auth.0.0.5.js
api.1plus1.video/static/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 11:59:04 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:17:24 GMT
/
ghb.adtelligent.com/geo/ 		135 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cc64d1756f7ea9bbd51bb9a79776949b84d251159bea5c0a4fc9f5f037925eb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
135
tracking
ghb.adtelligent.com/adunit/ 		43 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=om6zo5.90&features=147488&vpbv=F097&tte=162&lifecycle_tte=1810
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
piwik.php
assay.1plus1.ua/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=052063&h=0&m=22&s=15&url=https%3A%2F%2F1plus1.ua%2F&_id=abe5a0e2269c9d02&_idts=1668903735&_idvc=1&_idn=0&_refts=0&_viewts=1668903735&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=707
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
assay.1plus1.ua
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
none
server
nginx
content-length
43
x-frame-options
SAMEORIGIN
content-type
image/gif
box-c6ca1c87e308a39aabb76b56ba54398b.html
vars.hotjar.com/ Frame 8BCD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-62.fra60.r.cloudfront.net
Software
/
Resource Hash
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1339209
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 12:22:06 GMT
etag
"b6d25d1350d6a014d80689f389e76f97"
last-modified
Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-id
LH86HHCPSJYhOUl2psZVe60rRwdVg2J5fLtyrNNWVFVbe3OCqMYHcA==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
cookie.js
partner.googleadservices.com/gampad/ 		385 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-7632246187727089&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua&bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c27927ccbd4782d0639db8558771e2ebe32cf0c895d2b2c55272f9c350f8fe9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua&bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua&bust=31070969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C98A 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7632246187727089&output=html&adk=1812271804&adf=3025194257&lmt=1668903735&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668903735223&bpp=3&bdt=643&idt=216&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7734101080132&frm=20&pv=2&ga_vid=1276797235.1668903735&ga_sid=1668903735&ga_hid=288471120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070969%2C44774292&oid=2&pvsid=1366485123648970&tmod=1100233364&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua&bust=31070969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:15 GMT
expires
Sun, 20 Nov 2022 00:22:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csyncs
ghb.adtelligent.com/ 		728 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=437381&aid2=638043
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f55b032b8ee2ad5218d33664d54f4a90f610a860add5e3c2d66ab33327d742ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
371
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 4151 		0
0
getuid
eb2.3lift.com/ Frame FF0E 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 20 Nov 2022 00:22:15 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Server
Adtelligent
Etag
b3e2a9abbd902b94
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
date
Sun, 20 Nov 2022 00:22:15 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 20 Nov 2022 00:22:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
l.js
api.1plus1.video/u/ Frame FB8F 		898 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1668903735561
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
e2a379ae26a35fcf0f8296c2275d1f2acc2b1c7fb332aa76c63d3dd2610c377f

Request headers

Referer
https://1plus1.video/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://1plus1.video
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
gtm.js
www.googletagmanager.com/ Frame FB8F 		134 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0d7a97d94e770cec887b011b68d5f95d6363699ab8bea8e68276187b90dfd68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51061
x-xss-protection
0
last-modified
Sun, 20 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Nov 2022 00:22:15 GMT
analytics.js
www.google-analytics.com/ Frame FB8F 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 23:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3446
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 20 Nov 2022 01:24:49 GMT
fpdata.js
gaua.hit.gemius.pl/ 		278 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
ecef8738146c1d83c54e73d8c5fc78755c456b5831d75c61de62243901e784aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
278
expires
Tue, 20 Dec 2022 00:22:15 GMT
lsget.html
ls.hit.gemius.pl/ Frame 686D 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
7c1f787485bbee4a1a85920ce5f22fbe6f91937861a95d1caa0f4a6bc014098d

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2718
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:15 GMT
etag
PRIVATE7520710249
expires
Tue, 20 Dec 2022 00:22:15 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
api.auth.0.0.5.js
api.1plus1.video/static/js/ Frame FB8F 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1668903735561
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 11:59:04 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:17:24 GMT
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
last-modified
Fri, 25 May 2018 10:26:40 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b07e4e0-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
sdk.js
connect.facebook.net/uk_UA/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=3501a0c8a0b612c8f61e5a8bb20b7a7e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
228fe296fd9a33c4839c94324a40df977a3c05e350168fe78273842992fd2ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://1plus1.ua/
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Nov 2022 00:22:15 GMT
content-md5
B5iNvy2OZ7sme1Er4ZXxeA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88529
x-fb-rlafr
0
x-fb-debug
jwjTORVF2ag7CJOCChyWYx4k388njHN2DAgtaZg0kXa6c/fj6sxcfjuEa08ObU9MSYioG42yTi/eW61rUaLlGg==
x-fb-content-md5
be641b78914de51d98e92fbf8cc6d908
cross-origin-opener-policy
same-origin-allow-popups
etag
"6b44b5d869e8f295028445c463698843"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 19 Nov 2023 23:43:42 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 09:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Nov 2023 09:58:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		157 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
expires
Sun, 20 Nov 2022 00:22:15 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=288471120&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=846066242&gjid=1493475265&cid=1276797235.1668903735&tid=UA-22507043-9&_gid=73663421.1668903736&_r=1&gtm=2wgb90PWKM5Z&z=1296495270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=288471120&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAACAAI~&jid=1278900477&gjid=835560858&cid=1276797235.1668903735&tid=UA-113262294-1&_gid=73663421.1668903736&_r=1&gtm=2wgb90PWKM5Z&z=1408679259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1668903735950/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1pl...
  • https://gaua.hit.gemius.pl/__/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
169 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=5ycarj4KVytOpcd42Rvndpa7jbyPR5Or1ZUMYyO83nL.u7GB9U2jn6CA3.f.2TEn6VRFSExvVEwa6lDTl.WjJK1rSNAS/OBpTfY5LG7_Zx/&fpdata=-TURNEDOFF&ltime=373&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63797337225f64eb
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
8c4db221b86d2f5e75561da9b3b465c3a524af40b9c7c8d98049576724c2400d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Sat, 19 Nov 2022 00:22:16 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:15 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1668903735950/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=5ycarj4KVytOpcd42Rvndpa7jbyPR5Or1ZUMYyO83nL.u7GB9U2jn6CA3.f.2TEn6VRFSExvVEwa6lDTl.WjJK1rSNAS/OBpTfY5LG7_Zx/&fpdata=-TURNEDOFF&ltime=373&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63797337225f64eb
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 19 Nov 2022 00:22:15 GMT
cm.html
pa.tns-ua.com/viewability/ Frame 5EDF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 20 Nov 2022 00:22:16 GMT
etag
W/"5b2ccc0c-b5f"
last-modified
Fri, 22 Jun 2018 10:14:36 GMT
server
nginx/1.13.0
api.auth.css
api.1plus1.video/static/css/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/static/css/api.auth.css?_t942746087771
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Aug 2020 07:12:56 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:22:16 GMT
api.js
www.google.com/recaptcha/ 		925 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2022 00:22:16 GMT
api.auth.css
api.1plus1.video/static/css/ Frame FB8F 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/static/css/api.auth.css?_t316465151663
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 11:47:41 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:22:16 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1668903736016&sw=1600&sh=1200&at=
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 20 Nov 2022 00:22:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
api.js
www.google.com/recaptcha/ Frame FB8F 		925 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2022 00:22:16 GMT
config.json
player.adtelligent.com/exchange_rates/298308/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
c29f72643558d1223401973ae3681cd38d81735da9e1df1e86fd15d63bd6a19f

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 22 Nov 2022 00:22:16 GMT
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
last-modified
Sat, 19 Nov 2022 12:01:18 GMT
server
nginx
etag
W/"6378c58e-117a"
content-type
application/json
access-control-allow-origin
https://1plus1.ua
cache-control
max-age=172800
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		5 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t942746087771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://api.1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 22:53:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Nov 2022 00:22:16 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1366485123648970&correlator=4285104277513530&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D37db1c1184d39d11-2244974542cf0079%3AT%3D1668903735%3ART%3D1668903735%3AS%3DALNI_MY94AG7GvclHobl018cZp24yRcuHQ&gpic=UID%3D00000b84287eb40c%3AT%3D1668903735%3ART%3D1668903735%3AS%3DALNI_MZq1fWyS4TKs6ImhCyrp55KIB3lEg&abxe=1&dt=1668903736080&lmt=1668903736&dlt=1668903734580&idt=1451&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1276797235.1668903735&ga_sid=1668903735&ga_hid=288471120&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7590dcf50bf95abb417e1944f8fe6b7e7a7539dfa6bbbb51ec8b55fc66ab51b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17913
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D0D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
Mon, 20 Nov 2023 00:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 12:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 12:10:36 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22507043-9&cid=1276797235.1668903735&jid=846066242&gjid=1493475265&_gid=73663421.1668903736&_u=YAhAAEAAAAAAACAAI~&z=34545363
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame FB8F 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t316465151663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://api.1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 22:23:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Nov 2022 00:22:16 GMT
/
ghb.adtelligent.com/v2/auction/ 		358 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
eea1741c7f78ca29a007407ff07c325e719cd9e3631b54ff86d228ec6235af20

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
157
prebid.1.2.aspx
inv-nets.admixer.net/ 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e2ec4a3538f057518aadf46b1d1c6fdaf7f1015f51c7440123628756cddffe54
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Server
nginx
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://1plus1.ua
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
1002
X-Xss-Protection
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=ea1bc8b3-654e-47ce-a094-355e5912db20&l_pb_bid_id=1834d011548071e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.6103882579728312
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2409c2e2581815c0a8211bad53e63d91246c0a5229f5ae4873badd21d2c3bf4e

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		351 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=b20d8dee-6e01-4b4a-a1bb-807d92d62046&l_pb_bid_id=19d71fe0e26b9e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&slots=1&rand=0.059850549656006224
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
831836318797e289854753abaff9462785e77691443e6171e8c48f02a7b87afa

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
351
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=492fd8c3-d068-48bd-ae9c-f1ae5a1cdde8&l_pb_bid_id=209a9f12f2a1252&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.2964261588402195
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
49ad8659985b2987d5c71eb77594e481fa81d67c5f1f89fa095f43460190f829

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
323
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		351 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=f53bc0bf-6383-4c04-85f2-759b6702cb91&l_pb_bid_id=21307f96fbfe841&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&slots=1&rand=0.4742135097456248
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f7e8381fb6a83ef8d216a9e777a5e95c66438f1f585e43dc4303bfd0c7f8c5f

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
351
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		325 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=ea1bc8b3-654e-47ce-a094-355e5912db20&l_pb_bid_id=248806c7fcc3bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.3574927342127001
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c30d47ea5375659aba1aaf38b42b88e8f3150482e2dd0a38e86ae6e494f4d9f7

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
325
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		352 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=b20d8dee-6e01-4b4a-a1bb-807d92d62046&l_pb_bid_id=25814de7d045b06&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&slots=1&rand=0.39105406729258085
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
25855560050d2c40d5609914c4260769661a7acf4c62cb3786cbc0731b871c58

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
352
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&gdpr=0&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=492fd8c3-d068-48bd-ae9c-f1ae5a1cdde8&l_pb_bid_id=2612e0743756a13&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.768887040811723
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c3af60ffcbfb3b87dbe7a12929ccc325b0c281259d5bc9fcf383de32a030a22

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=72ccc80c-3ac5-4c4c-9648-2dec046a6e25%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=f53bc0bf-6383-4c04-85f2-759b6702cb91&l_pb_bid_id=27372551491116f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0235521325&slots=1&rand=0.02260191971564307
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fef77895525ab7345803b4592a91b346c0d1789f8da2b762bb3f2608dc3e77f8

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:15 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
76e3601174c7e301fc202cf47a968dadd4373af056802834ae34a9efd9e2c347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
120
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
translator
hbopenbid.pubmatic.com/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1f72c87b79e8fe85769acc7e1483ee48d5c8d95a3ab921882a93d8067f6c774a

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
ROS
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%...
585 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=72ccc80c-3ac5-4c4c-9648-2dec046a6e25
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2c06019216613db509def3fdf03611d0872be7b436a496a3e3b38cccda1074ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Sun, 20 Nov 2022 00:22:16 GMT
date
Sun, 20 Nov 2022 00:22:16 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://1plus1.ua
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
585
x-sid
AMS-937

Redirect headers

date
Sun, 20 Nov 2022 00:22:16 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://1plus1.ua
location
/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.773842147478927&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=72ccc80c-3ac5-4c4c-9648-2dec046a6e25
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
arj
adtelligent-d.openx.net/w/1.0/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ea1bc8b3-654e-47ce-a094-355e5912db20%2Cb20d8dee-6e01-4b4a-a1bb-807d92d62046%2C492fd8c3-d068-48bd-ae9c-f1ae5a1cdde8%2Cf53bc0bf-6383-4c04-85f2-759b6702cb91%2C367615fc-ebcc-4102-a53c-5a6595921153&nocache=1668903736151&gdpr=0&pubcid=72ccc80c-3ac5-4c4c-9648-2dec046a6e25&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-01064545755%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-0235521325%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-0235521325%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-0235521325%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
41b01c7dcef74c8721de88ab44df58ff544bf6ac269d78f85d0c13b6ba98e83a

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://1plus1.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1989
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b05dc6b4ee58193d02734b742e6c3034fde10a31fc0217b4d2fd7154309c0b76

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
382
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
808521ff8f4b3f31cc0fd43a91d71ece6a8c03c3c705e870cac13dc3bb1a7101

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://1plus1.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
346
translator
hbopenbid.pubmatic.com/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
69d228d042fb28d94bc91b42bbbc0d07d072025f835459022c91f48c91fd8707

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=45561453222
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1plus1.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://1plus1.ua
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
i
ads.adnuntius.delivery/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adnuntius.delivery/i?tzo=0&format=json&consentString=undefined
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.154 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35175edc3c874af71a21e6321898ee5109cf40d47cb4016add8813f54721f5a

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id
f37cffa3f9300acbdf92a5984fdf99ef
x-adn-backend-server-id
h6dbba92
content-length
1236
pragma
no-cache
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVEdVgcLBzQUUUCWl9KiQTK1D%2F1i8ISTwpdrNupGe5%2F6pt1%2FR5IECbC17CBcaVzQZfr1YpQ46jDH%2BBf8%2BqLxM5S%2B4Mhr6QeLsCsvl0nEtD0W5PPVGd2j%2F7yO9OT20oJcziZhDXvVe849"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1plus1.ua
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
76cd07bfbf16dc29-LHR
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=95965081673
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 20 Nov 2022 00:22:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1plus1.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
a4p.adpartner.pro/hb/ 		3 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:16 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=76B4D40ECD29420B89C480039D86B084&time=1668903735703&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=91988459&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:16 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=76B4D40ECD29420B89C480039D86B084&time=1668903736166
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
recaptcha__uk.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 		433 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__uk.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Origin
https://1plus1.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
167220
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 00:38:17 GMT
recaptcha__uk.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame FB8F 		433 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__uk.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.video/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
167220
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 00:38:17 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=1276797235.1668903735&jid=846066242&_u=YAhAAEAAAAAAACAAI~&z=814752983
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=1276797235.1668903735&jid=846066242&_u=YAhAAEAAAAAAACAAI~&z=814752983
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
Mon, 20 Nov 2023 00:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		103 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1366485123648970&correlator=3873680625105811&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C1844046231%2C3836652839%2C2013629467%2C2198103003&sfv=1-0-40&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D37db1c1184d39d11-2244974542cf0079%3AT%3D1668903735%3AS%3DALNI_MY94AG7GvclHobl018cZp24yRcuHQ&gpic=UID%3D00000b84287eb40c%3AT%3D1668903735%3ART%3D1668903735%3AS%3DALNI_MZq1fWyS4TKs6ImhCyrp55KIB3lEg&abxe=1&dt=1668903736532&lmt=1668903736&dlt=1668903734580&idt=1451&adxs=299%2C983%2C315%2C983%2C80&adys=680%2C2368%2C4388%2C4937%2C1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1276797235.1668903735&ga_sid=1668903735&ga_hid=288471120&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f85928656cf42cc7a257190b584d234df6be08ba79d02bfa534e117e4f3ea6a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21080
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame A4C9 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 23:12:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Nov 2022 00:22:16 GMT
dr
as.ad4m.at/ad/ Frame 2D73 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b94e319b82e682552058d4f4382a0095ac469845db90cdb1b82684fa02bc83f7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c23b1774c9-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8063 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 19:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 19:47:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B63C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Sun, 20 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8063 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
31591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame 8063 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSYS8szXMJhycxKCBaClxyw7qxMOI5Ug6twInqRgMc2O52NBHHcW5a4jKEtveVP7dRfZKrzHM_TdMgNlazmCCM-SKoXQ
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8063 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
376727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8063 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Nov 2022 00:22:16 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame A4C9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 16:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 16:39:44 GMT
hls.light.min.js
1plus1.video/static/player/js/ Frame FB8F 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1plus1.video/static/player/js/hls.light.min.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 13:06:09 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:22:16 GMT
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHVlt99di2YRwOLjhKzUe_U&google_cver=1&google_push=ASkJ3FZNfIOAfwP57t7t-VZRRRgu8DW5bPeC5ucLQ21MS8yuwrs-JuXML7PgYBiPrU-oIFYLnweOj_N...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHVlt99di2YRwOLjhKzUe_U&google_cver=1&google_push=ASkJ3FZNfIOAfwP57t7t-VZRRRgu8DW5bPeC5ucLQ21MS8yuwrs-JuXML7PgYBiPrU-oI...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=rdWV_sXITFWKMO3EoT2KkmN5czg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=rdWV_sXITFWKMO3EoT2KkmN5czg
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=rdWV_sXITFWKMO3EoT2KkmN5czg
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFXgWu9AelanOtlGFWccjsM&google_cver=1&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6h...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6hoXZG9&google_hm=NTUyMTkyMzA2MDkwODEzND...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6hoXZG9&google_hm=NTUyMTkyMzA2MDkwODEzNDk2MQ%3D%3D
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 20 Nov 2022 00:22:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa2RDfOqWfGDinUQRaPWPD9iw-2smlYgikh1c5CWPbFj9KciOSaurnVn_w0-DIalB8lQgyNdNMroAzpzToUFsy5h6hoXZG9&google_hm=NTUyMTkyMzA2MDkwODEzNDk2MQ%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPSQxdNfGcTYCskTre7bu4E&google_cver=1&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3V...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPSQxdNfGcTYCskTre7bu4E&google_cver=1&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLA...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE0NzY2NDg5NTA1MDkwOTg5Mw&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE0NzY2NDg5NTA1MDkwOTg5Mw&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3Vo8xCqkJ8yIKjwOjCjNhI
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE0NzY2NDg5NTA1MDkwOTg5Mw&google_push=ASkJ3FZbd9qPZnZZJYR7OU-LHHn7Ff-IRxWNlEfsWZnoOcMwZIUa3JxYIVT40Bd4VbAxVh94LLAE_z3Vo8xCqkJ8yIKjwOjCjNhI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame B63C 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBiTEtBzOBbOPo6HWvkgR0M&google_cver=1&google_push=ASkJ3FZHm0UTImPwUQGGVGc4X7MGDSOC33blsBdbuo7yFZF1qmtWHBYJKGz4tsel9GrbyCQXozMZJVN96FBeBLTHsHpzCuA8BzQI
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3sn9d0emk583df3aphtb265u343a766a
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-b7b4fc17-c3ce-48d5-b2e2-d325f0f02427-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaOw12_3N87s8MNdhWqW...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&google_hm=A7e0_BfDzkjVsuLTJfDwJCc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&google_hm=A7e0_BfDzkjVsuLTJfDwJCc
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaOw12_3N87s8MNdhWqWFUHJ8VKlHEzYgulS4829aZgTjrBnGSbEagLNJNs5IbTf6QzZbIEgYIiAsO8YAKuBQtUYQi2qfHP&google_hm=A7e0_BfDzkjVsuLTJfDwJCc
date
Sun, 20 Nov 2022 00:22:17 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb7b4fc17c3ce48d5b2e2d325f0f02427003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI7xDlbflHQ0ukZ_YPMK05Q&google_cver=1&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzj...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5MTg4MTg1MDIzNTIyNzkwNDQ5Ng%3D%3D&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5MTg4MTg1MDIzNTIyNzkwNDQ5Ng%3D%3D&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5MTg4MTg1MDIzNTIyNzkwNDQ5Ng%3D%3D&google_push=ASkJ3Fb0tMY53zzKKtIsKvSpyGsg5Xv0tvAdSBg88-Q4XqrdVjpmwnx9_HUHSkw5LNM0GnnDcVOWpHuJ0mr3in2UCIAwuJ11Tzjn
date
Sun, 20 Nov 2022 00:22:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame B63C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotH...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI2FmzYLXbbJHALBQ1Xe-ZQ%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ3ODcwOTQ3Mjg2OTc1MDcxMA%3D%3D&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ3ODcwOTQ3Mjg2OTc1MDcxMA%3D%3D&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0s080F3kx31z0HhDCjhTKAKb30WMRU1RcykJax1DkbCY53Snpxt7OemMsg7m77TRRh3
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:16 GMT
AN-X-Request-Uuid
5541a29a-9c62-45bd-88c7-f3d5d017037b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDQ3ODcwOTQ3Mjg2OTc1MDcxMA%3D%3D&google_gid=CAESEI2FmzYLXbbJHALBQ1Xe-ZQ&google_cver=1&google_push=ASkJ3FZosiflYDotHo7fG47tIvEzqJDzn0s080F3kx31z0HhDCjhTKAKb30WMRU1RcykJax1DkbCY53Snpxt7OemMsg7m77TRRh3
Connection
keep-alive
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B63C 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKX9Fgpt8jpYb78etBs-EksJb19HKpizeAbHSzXJIy9PHVKFTPqSjl9ZdhgR0Y6kIXd1CQhg
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame FB8F 		475 KB
476 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Tue, 15 Jun 2021 14:24:37 GMT
server
nginx
etag
"c7be8b09dd21bd3fc4aad93543f193e6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
486113
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
truncated
/ Frame FB8F 		369 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame FB8F 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 19:00:18 GMT
x-content-type-options
nosniff
age
451318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 19:00:18 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame FB8F 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
451912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 18:50:24 GMT
gplayer.js
gaua.hit.gemius.pl/ Frame FB8F 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/gplayer.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
e839c6cc63b861d1bdad75ce13f3122bbea54d1896715655926f97a958db4dbe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 11:36:49 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
6283
expires
Sun, 20 Nov 2022 12:22:16 GMT
128902
api.1plus1.video/v2/ua/recommendation_projects/ Frame FB8F 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t621063484385
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
d91e9e9e26dd0965bed5f01a875395196fd78a1ea338fb2d01a0f788a799ae7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://1plus1.video
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 2D73 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284194
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c31ccd7789-LHR
expires
0
r62eglto.js
ad4m.at/ Frame 2D73 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuB8d%2FXLzO%2Be%2F2x7SQLEs%2FBYtUbZNRsyuS%2BYhR%2FvjWZpGL40nOfZsjYSAD4QvWju0riey3hx8FQbJ3peowTM2yWy0mZQdbMs5OZC0UXKa4IpczeqoaBamri7ISMlrTlXovypznY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76cd07c2db9c74c9-LHR
expires
Tue, 08 Nov 2022 10:40:11 GMT
gemiuslib.js
gaua.hit.gemius.pl/ Frame FB8F 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/gemiuslib.js
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
2cdee42b7d068f78d131568b5f3eed1975a5d656ca3ab20a747e31439598f5f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 11:36:49 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
16639
expires
Sun, 20 Nov 2022 12:22:16 GMT
api.chat.0.0.1.js
api.1plus1.video/static/js/ Frame FB8F 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 14:15:45 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 20 Dec 2022 00:20:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FB8F 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Sun, 20 Nov 2022 00:22:17 GMT
e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame FB8F 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Sat, 30 Oct 2021 07:14:20 GMT
server
nginx
etag
"a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
74890
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame FB8F 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Thu, 23 Sep 2021 09:32:32 GMT
server
nginx
etag
"1ac7c7bca48ad0b6bf49709fb825bd52"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
79302
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame FB8F 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Wed, 26 Jan 2022 08:14:28 GMT
server
nginx
etag
"3917fa01fa34fdfd43db5b1c15071af1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
84258
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame FB8F 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Sat, 13 Feb 2021 11:59:34 GMT
server
nginx
etag
"70c7ed91bbef141e65887484066b2093"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
93213
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame FB8F 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:16 GMT
last-modified
Thu, 23 Sep 2021 09:37:45 GMT
server
nginx
etag
"cd80b64d6e8b1fb3fb0449e270085489"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
85922
x-1p1-cdn
BYPASS; Sun, 20 Nov 2022 00:22:16 GMT
expires
Sun, 27 Nov 2022 00:22:16 GMT
frame.html
ad4m.at/ Frame 0B79 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2089023
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76cd07c3bd867789-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aExNvTO96rvYKKU91Jn0BGA0hz1t%2BTqpxXTHr6ZvePKLoe7OVUAt4wPeyp%2BvsyF0ge9OUIPsfCUlQex8LH2HfPEN6MtYrfkbmVWpUWWLDj9VSUPjVCjzBX0BlKzKjAfYJYTgQjg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
container.html
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
Mon, 20 Nov 2023 00:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6392 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:16 GMT
expires
Mon, 20 Nov 2023 00:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rs
ad4m.at/ Frame 2D73 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c982f45c00f656f4e3494fe881f99c0dca0e909e94efe87af8e35afa2f4a5d8

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzs6vioOKOSZQznMS0uSRee%2BGcFubh3mZ%2FAUg509ux13NZjqhSPjBfen6ph2T38iUXD63krnCepeS1H%2BnZJ4TQXP4rc9KxNUtBgJzP2Yj%2BjCcxAMadn9qTweUx04cgxo%2Fa2DVdE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76cd07c4e917dd73-LHR
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76cd07c478b6dd73-LHR
content-length
24
content-type
text/plain
date
Sun, 20 Nov 2022 00:22:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSpCyFkhqtwaqfqukKgET51zbf9vg5dKESxUsorOfjZHfwBa4pD345nZfX6T5QdnKVpS803vnKmoOCp6vbELIeIvoZVBNg6LsQQCMUmJU2gv793KAdDL1JbRBF3Lyg3rJrJzWp0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
adview
securepubads.g.doubleclick.net/pagead/ Frame 95EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTu44OHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTkAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EgX9R7ql3-3cXIKqHdgF0cQTgnRmiNoZmOg5ZOMI3w1QqlJq6jNCuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=R3rwZLrryPU&uach_m=[UACH]&cid=CAQSOwDq26N9-M57ENMY4uKwqWkr0KFT3s0zFEl0WkVjEVRn_Yj-YQ4ycieNW2l3OqRJhswDcCs_2_XvFLfbGAEgEw
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 95EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gnz9bh1kyryr5ywy6ctk1kkzdd96xggw9vj362ya55eyfh22vnxn1a8rsga8qq14yxtrshbgfwsj2ne4676w06j3vw9704kzh10nzpkhwbqsn6718zj4zyey5y6zrxz9z7zwey1fnamycmj4qd3c6z5t7ea7j2e9g1ywth72d1fqm15fmsbax5whzgr3p57nmwbn4eswh7ac80kpjyd2s97p600f3fjtjr3vbpr8nynbx8csws3h1n6tvq0gtq949jpzf2wemm8tgv7g7w4epcfbdsprrvgkvrwsejkf6qmk07t96vvmzmcg6b4h5e50yvx9wgypvhpnzm2hzvzm4nnyyef8hzkjfpkt0y43n00mpbj042k9tw7n3r8wt5f6vbxdr8yzc&b=Y3lzOAAJnl4Iu-OZAAP9JH3zQgyJUgrq_iy3-g
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame ABE9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8982dd484ccec0f50211e9553366b0d2b77a3df90da24b92b83fddbb0fdc7e8d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c48e837789-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 95EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 19:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 19:47:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4682 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Sun, 20 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 95EB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
31592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame 95EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQo94HqAi2DhuLz4-i6CGsrKu6hN1qBPRPAzDsAD1tGlEdsEQK2trgNNedUlQy96shlaIOhfP0z7hgbjO13-ikyAzfcQ
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 95EB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
376728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95EB 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Nov 2022 00:22:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6392 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoFS4OHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgToAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFIkUiVOgE0Anx_yCiWekbaWto6dzyW33PoF274rehaW_SQaxKHlPgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=vq-Kps0pRNc&uach_m=[UACH]&cid=CAQSOwDq26N9-M57ENMY4uKwqWkr0KFT3s0zFEl0WkVjEVRn_Yj-YQ4ycieNW2l3OqRJhswDcCs_2_XvFLfbGAEgEw
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 6392 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kr90ffvj26rmaykvt9bnrrjjj17r0temwpyz2zpynr15m0dwqvh5021pwmjy98zg7yrk05mmzznh9md9ksyxwww7t6gr39k5pmsjcb2rn4sk3d1fnnndymvsc4z1e4ydxatx5hdx2h88g1zht4jjt4jakj0jhn9zbgc9xy61h4tyehj7x3j2hpdfch8cqzpa5ba4cfjf7vvhvbe5hfbjrahyr67c4pvvngempb6hyrjvk18c0arx48tbapvw2bdfkfwjb8efzk9nzxjddcesykxas5c6n4m3y58bvbhtzy6529hwe6wy3ksf9bez04qy8pgyp7ngfhmg8rb72rkat8qettr88jhqm9bvm9jkkpr8by53658389nv8zct4ma257qd03nh4&b=Y3lzOAAJnl8Iu-OZAAP9JHizY5OL6zsmTgzpTg
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 75C9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec3154a3c30da2a460cc0da9dd4c2337933fd257db4117693a7bbfc0b627971
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c49eaa7789-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6392 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 19:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 19:47:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F42B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Sun, 20 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6392 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
31592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame 6392 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7zkpVGamttwR6WqeLkXkr-zTUid9yWL3JrluI89LhaJbDhSj2q3z5AkVodEoseB-UANN0cmvXosv-aCT2XGkWS1tTAA
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6392 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
376728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6392 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Nov 2022 00:22:17 GMT
fpdata.js
gaua.hit.gemius.pl/ Frame FB8F 		281 B
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
6cc01fe871dad3c4a861c6f5b55892316524ffeffab08c633119356b3c4bb703

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
281
expires
Tue, 20 Dec 2022 00:22:17 GMT
lsget.html
ls.hit.gemius.pl/ Frame E434 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
41aaf869bc03cdcb1fcd151f0accc843e0ed6fca8e303b97957cbdc50dc28710

Request headers

Referer
https://1plus1.video/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2714
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
etag
PRIVATE7520710249
expires
Tue, 20 Dec 2022 00:22:17 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
current
dclk-match.dotomi.com/match/bounce/ Frame 4682 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM4tihoYTZCMX9TYQvXpBYM&google_cver=1&google_push=ASkJ3FZd0NOIXbYRmsq3oWUvTTaH8XAqSCLcc011gdsBmI5gCDBgxhPVuj4ITzpzdzhjsqkAGAcUDVWNfNSvLqfUhIe6kLPte1Iv
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 4682
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Y...
43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76cd07c6efa67324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
129
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FY-YofuGr5qNe410NStH4DtBaGG0KT1WM9kmX6iEs-YMknAaHuETlkZ_4_AhKHxZmpWKX7zyAFGsT7xHWJnl4dMr23Z76Yl_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76cd07c5ae417324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4682 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_s1-zOKl-9R2mFqjTb8DauP13drPQGGDiZJU
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame F42B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM4tihoYTZCMX9TYQvXpBYM&google_cver=1&google_push=ASkJ3FbXISLv82MUDoZW2KeuNMu0X2VeEmmMxIzAqw7mGeH5MdillNR858UWytl7_55OFGPGBlBRbgdvQCI26yf251usaEabI_o
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame F42B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WA...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76cd07c6efa57324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
358
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2fJMLV3V_eRh6Z6iCWc3c&google_cver=1&google_push=ASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZRuJh38auw_nfHo088RbupjeDHDP8x0TnZC4vVHeoKjQRksoteoG69cNkd_kakeJC9ryo-vPmPE8Or6FbwLVcENXbB7WAT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76cd07c5ae447324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F42B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVX8P9n_HyjP0SXKDxWBk17kIAg7DNKVoxiqE
Requested by
Host: d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
URL: https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame ABE9 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c53f807789-LHR
expires
0
r62eglto.js
ad4m.at/ Frame ABE9 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCgSidLGfmwYW45NV6Au1mJkDQ7Zwn4UXtPIefnxctaEtaAJCbAWGE5Q4Xoz79NmbcR1FUK1U%2BP%2FdE4ccx1iamKHfjIQzZk3Y08NWUUzT2B39IFik8AmvOjwM8jVOu8Jqs%2BS9PA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76cd07c53f827789-LHR
expires
Tue, 08 Nov 2022 10:40:11 GMT
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 75C9 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c53f977789-LHR
expires
0
r62eglto.js
ad4m.at/ Frame 75C9 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29zuzSLlkTga6Isl%2FiFhFMTR%2FOAAr%2FcWC4KQikK9aOWWd3En538gJNLsi41w41y4wgiXWqJRrqJvKL2hXJSiWN2Z%2Fz3PbMSMzhDKQfOY91lLZWb5k%2B8duW4ZVK5BcQZ%2Fzalrys8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76cd07c53f9a7789-LHR
expires
Tue, 08 Nov 2022 10:40:11 GMT
rar
as.ad4m.at/ad/ Frame FB0F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be61fafa9f8dd9950c474a181d65b4b490660720a09a5966beeedd36a26b5148
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ht5gqaebjdqwqfmxb82qkhbpmzmwpk6wj6tm6sx2e01cb8afqfye7yc8s73kmyp66abw73mfgjbgcgt7jwsk88c4h1tzd9yjd6z1k2vt0nwpgphfdpd8xn88nmm26axh7238y5q2f7y8zm7v32bzyr2k503az4mt47pzf4ntvkf9pv7fhwtv9venz0y0y8a0x9m8waxwdbf9bxgzc8ey2t6fn0ckdj4rtfeeb3pq9dkt23h6keyvw3sjmq62nkznfffd15v032jte9ddk6wb1tmwx6nvvj71y2pdjsnbn8tm8rsk5sf1ycss92q967py68qdvcbhaharq6kadk7vwyembm42fekcwddj46vqj3dabfs9n94adf3d1kggt87635rjfhw8y8h9rw45pwrd3h1xd222m776bp8hs31ebtycxma39jv0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%26client%3Dca-pub-9138247653754533%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c56fe27789-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
bridge3.546.0_uk.html
imasdk.googleapis.com/js/core/ Frame 966F 		691 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_uk.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc22451564cd5de1532a0383213151f7e3d82c1830ff84f3908db02befa9d2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.video/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
319792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226805
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:32:25 GMT
expires
Thu, 16 Nov 2023 07:32:25 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FB8F 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Nov 2022 00:22:17 GMT
integrator.js
adservice.google.com/adsid/ Frame FB8F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1plus1.video
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
redot.js
gaua.hit.gemius.pl/_1668903737262/ Frame FB8F 		2 B
204 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/_1668903737262/redot.js?l=107&sendf=0&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1668903737125%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fl%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=V_G2rvyvPTBNrUE.bytbQgCm45A.AwcuGXf4TRBah5H.x7T4YXg7W2W9eNEOEu12e67QqxL5ss82t77JnD6VEmEQg_St/MLyDD7724PoeM/&fpdata=it8XU99TOFzUl8Iqi3P7_NsTyJYdq1.CT6zKEKTqM0z.J7&ltime=115&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6379733902a40696&fpcap=&fpsec=1
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:17 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Sat, 19 Nov 2022 00:22:17 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ABE9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29433697
x-guploader-uploadid
ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GllYx%2FUBUdo6%2BgOFlEtTx89iHoJFtIQZ6WhHn3P6UCo%2Fr9vahl15%2FZk0NKGOH%2BaHU0n7UZp1o7ZMprvo%2FutXsjV7TmvDnp0zAPtdYHw%2FnnQbqh%2BRNwCxAAbjqR7NWitW2Ud2sL7joujNEdtM0fJCMdJ5"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
76cd07c6ac728883-LHR
expires
Wed, 14 Dec 2022 08:20:40 GMT
truncated
/ Frame 95EB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52766e8a794518c7468a348595a6057555b8b122b4ef240157319ee3db41feac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6392 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
157e60bd9d7ce36569bb2e2ade15d6abf40cd9a6c5c4818e05defc7d34595c6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame FB0F 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c679657789-LHR
expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FB0F 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365134
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2B6l469sUsP6a6m%2BsJyxj2N1ifWwms1KTRIOVYK8EFPxcuVRtexLoEZtku3RI4B0LcU%2FSi3NB6gbrABTJ%2Bp6kche9l3fHEmzCYE00996pz5Q9lE8cluJs%2BVyeNLgkmfxIH9G1rBy1cB%2FvcwJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c68e4174c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame FB0F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
285881
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 15:21:37 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmGV1nJ4dF1kaHkwxeWCG1docMEU%2FtRC9w7udkBBRrYYgiTfOulYrGsNuU4EgRSHjkWMlMcqqvhL49Vm2fMgyuhs5UpzyGbS0xYRkBb6Rq3emzMC41Ev%2FhjAxYQAacFiWNVApH3xNxG4GrEY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c69e4874c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
/
partner.o2online.de/a/ Frame FB0F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPf7wfO-u_sCFWuF_Qcdh10OkA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:18 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Sun, 20 Nov 2022 00:22:18 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame FB0F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2264076
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OowpRQR6JeGaOfelRxHcwEctYAipTClREeusCFMJPIH3%2Fi40I7ogfwRtU4gQ2JkA1tNtf7vFenURoMZtsWidisP%2B0ku8iKac3NkHrSCKQ7%2FMSG8lbVf2TsjZifmZ2bmFqta9AFfg1jYlAMVl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c69e4a74c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame FB0F 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287336
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntL4EcCpYj1ZVFIYvNrSVJsodNzEftDvZXBx5TVi2yometih7WAtQ6o1wvbbiGR4290462jrCF1mIv6bnn12dOciLsnyRI122jZ2vSoAdZRgvQJJkqV37oS6Ucqcpa2bjR05KQDEQXwI8KEI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c69e4b74c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
/
partner.blau.de/a/ Frame FB0F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CP20wvO-u_sCFVGK_QcdlnMJjw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112001221878702816339X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112001221878702816339X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:18 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112001221878702816339X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date
Sun, 20 Nov 2022 00:22:18 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame FB0F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2260355
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUJAij%2BDLfS%2FvRkE%2BdiruiIOzdMPxdW8iVnRKdj1E8fv1mxoydEh1%2Fm3P7BlmVBzlqqtfa3FVu%2FxPy9%2FOfy37ifnLgUqn%2Bin6N5gM9sbhVwFaBuH8PLGvre%2Bvz9JfFmRKyb7G2qN2l2M55TH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c69e4c74c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame FB0F 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
360554
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8ot%2BfNYSjdu41NtbapgfUp2crVGJ9xHjboKQ5FfRH7CiJBNPk56XXHrGcSuen0Tzefqr3sV%2FB6fJQwFWs1qlh3LL%2FrER1oHhJXgakun6QOwezh3RCFixPrqrxUtNCtTWsC2GMXVrkn1CrWs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c69e4d74c9-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
ztpv.php
www.conrad.de/ Frame FB0F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=63e83310-6869-11ed-adce-2234a4c513ba&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1668903737_63e83310-6869-11ed-adce-2234a4c513ba&insert=AW&&gdpr=0&gdpr_consent=
0
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1668903737_63e83310-6869-11ed-adce-2234a4c513ba&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f0b2334245fcc0dffe85dd19a417d825%2F72909429410786143&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737128&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5xc6sdsccj88x1h0aqcpw9je84xh5k36fgz0j8dd4vzqbdz5vwkrk448e0b7s5qtfy4xaf55pzmqnr08q9k8k11dm5mm90v8b0x5z869w0sd1mqkncjttdjedgx1tstmpbdw3wr7hgs2car1fjdec847dk7btp46bh47r53d247cay7jv0s3mc3wv5qemr4h19stmb079ptreszybbkf4ywc76hj30aprjw0wgdpf47r8100w2t2hx30amjct5s010xfvh6b4jevgvx7zg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7noCOHN5Y73MCICH9u8PsO6xuA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QozgceZiGFrsV4Mp4ooabpTWh1ub3DnmhgojzmAlJphSLBdc0KEaICZSXH-_yK2xzurGZTwwysZ1S5jFRKrqwTbTk7z0YNwWgCnpcBKLNPkakbE5F-reezz-NiDB6BmrlgvcHRS-RhvMXIB8wKlcUTscS9sNiBSRN_FOJn1-qATQWHOPWrNBSyEowHnRxIPV4dwYeQNgFhED0mEvZhD6OtHnXnHXvgJbTpYu3SdCD0gWAQSwZ5pQ-fRCr370HnyXg4_lEswFbN9nUfWPtymUDIZIjBwKCJGSRhULqVXE249aoOk5h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WLp3quZieU725fxsU_d-C_hqRxA%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
360210906
cache-control
no-cache
cf-ray
76cd07c9fb0d73f7-LHR
expires
-1

Redirect headers

Date
Sun, 20 Nov 2022 00:22:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1668903737_63e83310-6869-11ed-adce-2234a4c513ba&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
frame.html
ad4m.at/ Frame F845 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2089024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76cd07c6898e7789-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbQVuEulUPHAEiM05rnF8LwlNUgGcKf59qOTkRbKWrknf7wXpzQXLPd55pdzK7c4F3338UpKTpVwuU1l1GoBeg5PARFEkySmm%2B36Z2nNxdWKvv%2F%2BNfDjTtxmKBXHr5IOXZvAIC4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 75C9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29433697
x-guploader-uploadid
ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Til6lNk55PPQ5z32QcLjQTpoq%2Fsmxw2XbU5VcrLLCYQyU9crUMGdsMmrWIXjLIhODSe7005eALDB1OiqTOgLYwaPX%2BiGwPMzAHjVF8a7at2KRg%2BfMftpbzlKFd1PFRcphvwp3iH4vh028iqDIHVCqUv%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
76cd07c6bc758883-LHR
expires
Wed, 14 Dec 2022 08:20:40 GMT
frame.html
ad4m.at/ Frame 9B37 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2089024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76cd07c6b9ba7789-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW6qTE5YI0YnbIU6OfAsrTnMV9Bcn%2F8rViqj41f6V%2FippUt91rJgjctyaJGeUtu8pj6%2Fspc5VWr0h4JwvUpIitvvGUinQC4cgdxvJz2buXNeAmiqxEPbSLnbrwX9oBPKFj%2BSh9Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame ABE9 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328afed8faf690e83bbb9fda1521e0fcbca2b3f27e36759bbae82d5da90a0ea8

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rN%2FmTH4KO8EkSbVVO0G76iJapx1ybM6kxZO44DgljQywAwaYpwVSDnbbYPegUs8F68XCjYddWWH39cKGT1VTXN%2BtSj8cwbIEewKGcVT3x%2BtLXJ0i%2Fri97P5isW39rY%2Fdvsw%2FHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76cd07c78bfadd73-LHR
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76cd07c72b88dd73-LHR
content-length
24
content-type
text/plain
date
Sun, 20 Nov 2022 00:22:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjioRbLb2%2BjEyFeKfLTK7nu59cdS%2BKulMGq0c3u659JCYstD9gBgN0Ni3bnDmvAsKjCoNL2cvyBSbrkcfnCH8rH6yPCa%2Bh1B0hmc%2FDrJbieNxD9RsCal18si7BYwfe%2Fcj%2F1%2FSjk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
rs
ad4m.at/ Frame 75C9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd63b5811ae0f95a69706c77b1b29327430aa729c1136321531992ce70f6213

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkCyrwgqpxZ9pUhE0gQktS%2BTUKuxcg7TqC%2BscEwOkR3zkqOsMae1cYkFhbLs4vwbHAFyU6E2ewbMsPzNGYKS2O5CBQy8%2FHJbPMYDW1D1fqqH6FpJNns720outKviKedOvqF5QvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76cd07c79c0ddd73-LHR
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76cd07c72b91dd73-LHR
content-length
24
content-type
text/plain
date
Sun, 20 Nov 2022 00:22:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1CkWdExM%2BWe4HNscjv8QBt%2Bn6rAAClq7Emgf84fJIsC5UANVjIgheuTdoPiKkqwjuvzbjkhp%2Finbrf6WGJe%2F%2F%2Bn63hi%2F6dJo%2FOBCbq%2FZqmvRnlFNuGJV7onEprAqU67IHbaw9s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
multitracking
ghb.adtelligent.com/adunit/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://1plus1.ua
Date
Sun, 20 Nov 2022 00:22:17 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
rar
as.ad4m.at/ad/ Frame C0E7 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589925eaae9b09e8fd5d21ef9cc845f27c2cdd90ded26bd5486cca9fa139daf7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gk7tpv3t2kd8fdq93qg55q3d182pj4tmm8kp2nm797s7nnknzw19qxq2210p48qpt981x1v8yq02mrzn05expbjmr6f8nn1t6jn3ybd3dyghwvf7kcmvjqh6mr1dw1qnmdv2r6ekeavazp876hpj2apgp8tpnhrsa17fcswaz6h6cnbha4e1ttk6h8eszqke42qsb1ntjvy18kdp1t734avbfnka7yp4gbqbcygrm9gbanj8m5d8msfg9h45sg1fbchjmw07x3wvrm0tqe3qsy4369nnkrwz7shajer51rx3ymhf7kbm3tfd9mrvz578rtt0e5t7xs9jjtqqyn086rrcet0z0dqr6v4b0vc62d1702wm255y10aeb9xmvxrb6jnrpvqsgpx59j5n4xd4xrvcscsz7rhjmeca9k71t3wnymqm1rj0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c80b2f7789-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 06F3 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f46141ca4503ca206bd7394c5c3afccf7f62b6c3eab59c97644b9a59616e331
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jhjsjbt1djta5zsdv9g29hj007a9tgkmgcshve19dqcydv92xh7h9mmq17cf457h8pyzmxdtb0vradmkpx7eqjwkyh113d2tsrkqx3d02wsqb4ym75y65vrk6ffm1tzvtxnjphdpk8v05saxy7k77268vk413k6r7rcspt1m9e6fna3etv5h4dkxf6b1pw5jbmc9mw13bp570hjjca6k11cfzrj2p4kbfhv17zcwekxxzhy8c7z07kkq8rr75vsna482a6d1swwnd05pqvjgqrk4yqcgvc40bz1x02yjnwk3nnf5q2ytg546j5k6cw1aay921dy45vqaafefs7w4th7yqz3kh3vry7bhf6qxf9tk651yqfmx2fp0g9bs2ebraxjgxer9nd8tfcd1vqghzebz54bk82we0qwysf4mj0619zyj6kb4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%26client%3Dca-pub-9138247653754533%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76cd07c80b3d7789-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame C0E7 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c88bbf7789-LHR
expires
0
F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame C0E7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
806118
cf-polished
origFmt=png, origSize=11554
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3224
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Nov 2022 07:30:35 GMT
server
cloudflare
etag
"1ca6a79380ae53c080c2e12b38bdb5eb"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWDx%2FN6LFpQa7d4I3gjaxsvUzJzHSf7FXU6je70VZW2KfwD8oyb37lavZG75m0ItvLDOM21sTkCHG5v5oEAona70ZLPTql1eB6%2F73S4eEs%2F3OQGVEn%2FVuTcyy4%2BNGb50i4HRd37%2FKen3dQH2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c88bc07789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame C0E7 		296 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
792740
cf-polished
origFmt=png, origSize=466926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
302728
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Nov 2022 12:39:43 GMT
server
cloudflare
etag
"45f5fed59fc1f13fbebb41146459eb81"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTEGAwzCJdVBmSLO6xBhkrTwz3H5yK2wicn7EGdHrKqyrLk4n5wrHVkSpLET8T3XPRUDE97N7elaJ8IdmA5X9mjVX9HmvygA7PvXGchiZbHNbxm6Bm3gcH%2FppZ1kK2sym%2FQXnRnKZdQGPY1i"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89be67789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame C0E7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2263367
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPdEoD8Gk%2FVdCyEcULBBwCevf3FnVRKkNn24pbvZymSOrmMPgqcv4Ew4oHUSznUixBpNe1qd03%2BC1XAO1glN5ii4SjFU9B2uV1HWjfCkEsh%2BlU9bqZLPOy%2BbOvrpFd5fZpIV%2BjbiQ6OuPbE5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89bea7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame C0E7 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fec456c222cb1709f0bf269d9442402ff8e9a5b45ee186a6a06f0566f35f2b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720793
cf-polished
origFmt=png, origSize=155400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95512
cf-bgj
imgq:85,h2pri
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKVIjsNcKieZJqi3kX%2F48Mk2hlvK5yhnpBetZymFgBnWJmpsuE%2BEB4q9MU73BBH6V%2F7YCpT5VM8j44y8YweRNojWZqndDlEOm%2FCTMPij2Ck80Lbf5c5MGgsdQxqB3uowF%2BOeEfew58G79%2F32"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89beb7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
/
banner.congstar.de/cookie/ Frame C0E7
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPClzfO-u_sCFXDzEQgdDU8Oqw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668903737_641d4cd1-6869-11ed-9f2f-2266c0ccb091
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668903737_641d4cd1-6869-11ed-9f2f-2266c0ccb091
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:17 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Sun, 20 Nov 2022 00:22:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668903737_641d4cd1-6869-11ed-9f2f-2266c0ccb091
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame C0E7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
929196
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfZt3Cmizr3Ja5uLVX3DcFPpWGC4lsd%2BD%2BvhOV6Vd6%2FYrBnp%2BgWI%2FeYt2Mkkp0AEtsmjPZdqxsuRRR1HUt1yFY%2Bg%2BjX01l28aPwMMq1QSnCCqwJamU0XU7Cb5cc8xZE2Cd3cQ3aO0e9SnZWE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89bec7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame C0E7 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2259957
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpXOtQfHti2tbA0xJMim1ce4Yx7YvYq5aU4FPW9bvue7Eg61sRg%2F06qWR5MdBofmQFPWfktPErDhpJXZUH1XpSC%2F7Ha3g3PwM%2BAL8nyduIewOZbHS3Y0PHN2ynGENadDFlssEPIac2Rv6pJD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89bed7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
cshow.php
www.awin1.com/ Frame C0E7 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 06F3 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
284195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76cd07c89be37789-LHR
expires
0
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 06F3 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281157
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVRlzRfej8hvYMfrDH%2FSOkkNqZ03gQKSVvEdrsmVN14TcGTSkGKdT2PRZ7YFmBCEN1rXIFxEgHP9sAHJKBk7mF2SU%2FDiTxwduJW2wniaErzy8cXWkhTJbN7jVJM23L9PKk9P%2FwR4tzrimMsE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c89be57789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 06F3 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
277586
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EUEI9iOJxpwQkIsCmorB7%2BbNugqZilgdCD4r1VP%2FLO20SeansuXDnyEdp8uF%2FzQ4Z%2BQ33mPEqZJnxzx4tFz7Sz7dnbvVOXsbyA%2B3p8PgNcrbAxExM%2F2NbJYmk7UzWSlZlhtm1jzISPCBLJ7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c8abf67789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
assets.ad4m.at/logo/ Frame 06F3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283840
cf-polished
origFmt=png, origSize=16545
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4432
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Sep 2022 13:33:57 GMT
server
cloudflare
etag
"a12a2ed1d853ee0e3231c93bd5bd45d2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGcrRp15cV33utYv8czRhZ6Z6sadKH0AjftIPCX9T%2BedVXPXOs4iZ67%2BgK372RgDE4vYTQlJWD%2FeVAHC6V5CLx2HU2OohJqNG1qlenhsixSgcpkpSMcExZMPXxrSNGIg71v6e48tCBVQU2jt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c8abf87789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
81903CDEE52274B47AAD68A98346E49AD7DBB39D08CAFBC6EA976852CA379D44FA063F4EC463639E0D9F309486BCFA2AEF125D1805770F4F17701A4DAA33AAFC
assets.ad4m.at/product_image/ Frame 06F3 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/81903CDEE52274B47AAD68A98346E49AD7DBB39D08CAFBC6EA976852CA379D44FA063F4EC463639E0D9F309486BCFA2AEF125D1805770F4F17701A4DAA33AAFC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b5ce8d75f6bdb3ca5d82d43ed447d165e366bc67febbdd6bbcebae55ff5f88

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
807136
cf-polished
qual=85, origFmt=jpeg, origSize=460847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58750
cf-bgj
imgq:85,h2pri
last-modified
Thu, 03 Nov 2022 14:23:29 GMT
server
cloudflare
etag
"c13e8637d3094579c88759a8f253abad"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz1zn4K1mD3e7WFKhlJ9pAPVmT5vpAXlcxllh5N%2F7UhltmfNFOY1OKRBfxXJA9h%2FECXggZzSmxc7Daulzb%2BfhAUzssBXR8YSyd2%2BnKFc9UJmR4LSC3eHmqJlKzHlOQj8MgNFFkxIBmEo%2FwXH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c8abfb7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
cshow.php
www.awin1.com/ Frame 06F3 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3247354&v=16798&q=361110&r=412871&pv=1&pref3=oneideZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 06F3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1493299
cf-polished
origFmt=png, origSize=17428
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4642
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Huld5YQxH7HQ1HuqPazmBYArGhozxwR5IJy4DFyNZdMY8TCzV773S%2FbufpadqyZvc7ncImq%2Bbaf3egMR%2BSk36d%2FzsBkLuB4UhaRvHwtrH%2BVIUZ73dN5x16RpUGx2XOIQgUIskKpZqFZ0Qd8J"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c8abfd7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 06F3 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816f9db313b3397109c09c0cefafe77ecf775a18c11f7e35de8a5126613fb45e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
719677
cf-polished
origFmt=png, origSize=565110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
367774
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Oct 2021 10:16:19 GMT
server
cloudflare
etag
"d711e4bf72811e8e6e7f50c634dcf690"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Pv5eEhZj9NzI2Uh%2FnSJ71sON7YQUB9lDqLExke3WMKFKnxYKn2NwhRos94mk7E6fRlgItCbj2HnyJMIKwbUoozSVfdD658iaHkjvqUbS%2BQz1vhEDHokERCKDIaWwULi8Mr35QU4CIIl6sxr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76cd07c8abfe7789-LHR
expires
Mon, 21 Nov 2022 00:22:17 GMT
/
api.1plus1.video/home/vmap/ Frame 966F 		750 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_uk.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
d9e721690599ba29582955cb0322a87c361441a2d7446fd4ac2d974788ae0b6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:17 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
link.html
track.webgains.com/ Frame C0E7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jkxr6hxdp1at4hb1ar8he7err6p6zzdvqp3gha7nx61w391816qggxmssx8jkhkhy857g9q75rrzzh6ezq9ezga96rf95zy8gcvn60k0sg0y7dkprbmzr1qsw2ne5k4tk803xd1d7f1j1fgmxkvkc2fw7vr1jcv67kgfcyghcx2s8v3kpba3ve435z97xczazc8zf222pv07sgmk0x8031fpdaj4aenrfm6ej9ntzwxhhqprsyqtzacg4cf60bgwstvv0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
9003840ee1080376832d12bf05d17e7f9526d2da9537965d0f93cca78dab09cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
last-modified
Sun, 20 Nov 2022 00:22:17 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 20 Nov 2022 00:23:17 GMT
link.html
track.webgains.com/ Frame 06F3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k0tgxjwtqxa1sne2ky5srxbx4cdc4gv5z5rewsbqyavyzvwt50zwsec3zr7x32486h5t41hanjew0td7p9rrz63gnptzqm2nbjcdvbbasasp2x8365yhfccd9zd62v080hpjeabb9nv189qhkarps76m0b1qggmh8hdpvar1pxpmfbk42me1rjvckx759vxs16qcxfvzk3s780ade6frp1mm2qn353339100f5113dbmwyf77wattf756btdsgv8tnatmjv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidd9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d942cf7b1c3373838ad0dcb9e20f6563e375a3a56b6173939a7129f3cc0f33bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
last-modified
Sun, 20 Nov 2022 00:22:17 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 20 Nov 2022 00:23:17 GMT
link.html
track.webgains.com/ Frame 06F3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j88w3zd9jr9n27yh2rhv27vvqd66gp485pdatscf3s15r3gtk1d66x74a8q7tq4v58q7q8x1w4h8c897c2qgnm9jznf55aetcs8pwd4akc28atmat1fnn4nsy9dqaf526x7vks6bh5we5ff3wk2s59pv39g8c562qgb00gtz6npw7kwq8nyeq7shha4atm002ecz2m5xmy8ckh8qwr6gc6td0sdh6s2dw63xk055hjpwt7kebt47pk8n01pe4y18zd5490%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
749cdca51d56f42d0a3c76a988a551aaa7f8ea8241ada902b6956b5b646a3830

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:17 GMT
last-modified
Sun, 20 Nov 2022 00:22:17 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 20 Nov 2022 00:23:17 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame 3783 		44 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.246.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.187.246.251.148.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Sun, 20 Nov 2022 00:22:17 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
pvClk.min.js
analytics.webgains.io/ Frame 06F3 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k0tgxjwtqxa1sne2ky5srxbx4cdc4gv5z5rewsbqyavyzvwt50zwsec3zr7x32486h5t41hanjew0td7p9rrz63gnptzqm2nbjcdvbbasasp2x8365yhfccd9zd62v080hpjeabb9nv189qhkarps76m0b1qggmh8hdpvar1pxpmfbk42me1rjvckx759vxs16qcxfvzk3s780ade6frp1mm2qn353339100f5113dbmwyf77wattf756btdsgv8tnatmjv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidd9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 18:52:38 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 15:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
19781
etag
W/"faa933973c404f8cfedacd4b67a60b85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
b5WQdO1dURyrSvVjanTIRNbM2CObNbwH9sjLjHT0U2f9rOcEuoupgQ==
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 06F3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1668904037&Signature=OaqpJ7MScDayUOsqXhNsXVerCJotZ5xL-UQzGPNKI1yvdF8DK-Mq~wNEgw8TNdYmzkJg7H-KLEDNjvyxkxnZ7N2Jigo17~IClqTdoXSAJQ-ZMmFFeK6jnsZ52g6vsT7EHCWcEg0aPVFZ5PtDKrOijhU29zi~OKSEyn0gNCe4KNpRhLMZMcbzcYup4VOjiURM7xUjY5g-ljpobiz8W8wDAx~IQHVwOXdVhwnCgC0wtNNTj86tlSjHPekQGqUjxukDH9pXJTp7-1HpkVleEKyBprAwrkkNQDfEE-0kor4GfVkUKLJ9sP~O~irOWj9lTfrWWBevOoaKs05xTfK19J4g1A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 19 Nov 2022 18:07:49 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
22470
etag
"66da632e2658ba90a2b4863be372b9cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
5FW8-Wb_dCN2AmuCyRlvsNTffGMUUgd8ga8UazEmQ34R10HGguN2gw==
1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 06F3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1668904037&Signature=GRBOzXTqsxlaIgdsvTBFDcNW~9IdY2P~HHgjmhXtOei~PJhi7ZguIxwiB~L2efRm9NhbgIodPqsi4ZS7MaU1hJ7i8hEN4jEqUjMgE8-30YOfgHP728hSykuVz7Dlq5Hf8zrf98urAVrbCuB8j2C0Gf~OsQBN3YrvwcvR0a2WyeVMJWvcoQPjdV9PvMJQYwrdxYdI0AZvPV2YIycwH3RAwQxeblnZFViQmgCrsisfBaLso7fNiXuYikarrE5K2C~LPr0gTqqsD66Kz0y8hBmCrJq01vJfqK4hzNPfjr37by4LkKutjjRU1T6xKPoIAs1DArsoRcYtQRUgSas0pbqzMg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=300&d=250&e=&g=b2c0f8cee676de65fd64169b5c484543%2F12942053561564023625&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g29gf1qb6xz3mkn5x4y00jyaatkprv016hy859kdcdvgffktas4k00rgen378x83jysy7yj030far6rxf1vkjp0c0cgskf14j929k62aehrvtgmtjp53rwb8rykewzyz0rxc6de9048q7kmzmke5b0d0zevyf8zavc1s2t3g834yx9xmkr7x34jsa15ef6vm3tbdq5cmgrb2qzym45vr9wd26mkgj3m7f5c0xwrxxnke3qhbn14b0wqzfk52pp2kf59jvyp9c0wga4zyb00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiCvMOHN5Y9-8JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTrAU_QzsQih9DZgRZM0-KBjm7-DvIEEtWweExJmhGPYX0Zg-_9FxCsONT8VFNXvtqpEzEgfHh1h3cwfKI2hKHM3U5bVekJ4mmsejc3w3cWyb3icNet9mevGhTTG8kL-qi5L7iMfVmNpi3BZjabLCarp62qK4d9vp6S_-zSUehjFXh7VfQjgp-Oy_zJQyoF5-4HB4DlBW90c3nOc9xGBD1AGHbvKqpwEenAA04geL-dpowEOl2CKqGykkfglbHH6XoCDbQFYEcDxj_9V0k5eGg0g6CJm1J843H4dWUSIJ_ycE81d0PKlHDVXpuDzlngBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lkC4PmeXnyEaGSDV9531Rh83x6A%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 19 Nov 2022 18:13:52 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
22107
etag
"252bcf3942798a64e6a899b7c6e034d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5216
x-amz-cf-id
Gm4H12UGnseRpSX-1OG3jCVlyV93qqIL4CczIekvtV7ymN0B90aj_Q==
pvClk.min.js
analytics.webgains.io/ Frame C0E7 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jkxr6hxdp1at4hb1ar8he7err6p6zzdvqp3gha7nx61w391816qggxmssx8jkhkhy857g9q75rrzzh6ezq9ezga96rf95zy8gcvn60k0sg0y7dkprbmzr1qsw2ne5k4tk803xd1d7f1j1fgmxkvkc2fw7vr1jcv67kgfcyghcx2s8v3kpba3ve435z97xczazc8zf222pv07sgmk0x8031fpdaj4aenrfm6ej9ntzwxhhqprsyqtzacg4cf60bgwstvv0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%252526client%25253Dca-pub-9138247653754533%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 18:52:38 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 15:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
19781
etag
W/"faa933973c404f8cfedacd4b67a60b85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gVXdZATQxaSq1pwxcyXiWAMoXA6C7CtTIchU40iqNKXm7xrzYQQaZA==
1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame C0E7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1668904037&Signature=ljU5-5WFPHW8Mh5ejz-m~qB9P96PPWRQFBAQgPBkmMAcW3H~glpXqqP5f~oxUlCLFIhvmsqntiMoy4EyUjgs02LG-N2h20sJ7rnMSOxZEq1qPfHvfOu~ejysgXOioNQsSkdsKm0CYDO-UUnY6Nn3EcqYv6IoLwztjatYMXH-cosJj9zXtszbgYTZXEC4nU3bERl4nw7jBfzMT1TByVyoE16MzcBLOOiKO8yA98P~gupMU1FlzdryQIMmDr5uvmjaVNRxGpuPHw3xWDgzHmcpJQVkvjzvOPQNIEjrGSJExXjw7zHvCEu8r9~WDjfrE4UTL0g3SxFKHlVWka5NDOv7CA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=17d042f3ab08dd98b6d634ae4de7d75f%2F9936139167091613381&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668903737545&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtfc5f5p94ksnpbb2t4mw2545edfxz73sbycvw0fq632bjrh776tzqcz5pmbk2v62z7q4ptm0h81z13c86gq1999c5bjbj9nx7exj6awa2jhbhs6rzjmkpr0pjg2vrxctn0fgkt488stdqrwcp9aptwpzv22hgvshv4stxbe994hmq2sgx9c649tpetqqqc86bv3gzy33fgbhyrkxezwh817qmeqmn1h7nw58m3n75a7kfjrfkp8yw19agcfc4v1w9ewrapr5amtk6fz9j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdkEwOHN5Y968JpnH7_UPpPqP2AGQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAnNp6beoUrE-4AIAqAMBqgTnAU_QKcrMD_b-7peUfxkthYOMunm24e0DI-INrMaqFQ5DNp06vQedkKxH3dt4f2CR3m_rYF00uk-eool6vwYuazz7UMeStn0aHmmr2fbp9JorRwJ1cNVwPf5hvVl9J8YAz3Tsp78Lk4NjCwrEqFKGkwh0O-Bqtwd8ZLrHIUyffCBpP44lwaN2edDPwjumshGlFWlw7yMu7cqqIQ7g1CJ1GuXPNTruW7JcgbO4YmyuGoYmo869dVb_PKfakXsC4EhV9z94QIYwMbqN4OG6XtXidx3bNylGfr4gJ9oe2-grbrGcdzeNwlMlPuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1RJfO3b-eHNUHrwov7MT7gjHbKyQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 19 Nov 2022 19:59:30 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 11:49:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
15769
etag
"c8717f93a87217b1c114134b189e2ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
19052
x-amz-cf-id
cL2zFJnujcidDHlkF83z0bLUlHfsKnkl8-U8ZL-CgSpjGYmE7YEIPw==
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 21 Nov 2022 00:22:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 95EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAHOXnXlLRPUE6xB-X_Frz9Qpp6xWq2OcA6BSkuqmUT7OUWriF53vjh8ykJguJQkGG401XX1B0TqrEuRNltnsx1Ek8&sig=Cg0ArKJSzErcCzZjo8W3EAE&cid=CAASF-RoM6wmQ2odUfy94dj9aevgKeIu9xZa&id=lidar2&mcvt=1000&p=680,299,930,599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695559250&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668903736934&rpt=353&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 21 Nov 2022 00:22:18 GMT
tracking-event
api.webgains.io/ Frame C0E7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:19 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 06F3 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:19 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 06F3 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:19 GMT
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://1plus1.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 20 Nov 2022 00:22:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
423817
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=J0-1rnx5OUxNMnA3VWdXYzV0T1Fsa1BVcUhaUXRqNFdHdXhidWFVN3JVei8zMWRaTWZKbWR2MUJaSGk2aDg0elBtNC9vSUZKMkk2bkNwbVZmajZhTk5kbGdjYjBuZmFwUG9SUUY4Q04vODF2aHFyclBkUDJXaUgwVnkwVD...
351 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=J0-1rnx5OUxNMnA3VWdXYzV0T1Fsa1BVcUhaUXRqNFdHdXhidWFVN3JVei8zMWRaTWZKbWR2MUJaSGk2aDg0elBtNC9vSUZKMkk2bkNwbVZmajZhTk5kbGdjYjBuZmFwUG9SUUY4Q04vODF2aHFyclBkUDJXaUgwVnkwVDVQc0tTU0dPUTZ0ZmhWZW40d05ibk1Bdm10Qlc5aVZFQnBjRE1VT25oUTZYNVBrRHdTUkdpUVlpeVNCOFhBbzRkd3hOVTNBeGFhWTVBWXEwU3Vmd3FJK1RGOHR2L2tybzBpeDdPaURxUEE0OTBUT21SWHV3PXw&cppv=2
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
970fd244625707addabf14f198125c0eba94dd1975091ddf2e60cfd33b24a811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1302243
expires
0

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=J0-1rnx5OUxNMnA3VWdXYzV0T1Fsa1BVcUhaUXRqNFdHdXhidWFVN3JVei8zMWRaTWZKbWR2MUJaSGk2aDg0elBtNC9vSUZKMkk2bkNwbVZmajZhTk5kbGdjYjBuZmFwUG9SUUY4Q04vODF2aHFyclBkUDJXaUgwVnkwVDVQc0tTU0dPUTZ0ZmhWZW40d05ibk1Bdm10Qlc5aVZFQnBjRE1VT25oUTZYNVBrRHdTUkdpUVlpeVNCOFhBbzRkd3hOVTNBeGFhWTVBWXEwU3Vmd3FJK1RGOHR2L2tybzBpeDdPaURxUEE0OTBUT21SWHV3PXw&cppv=2
access-control-allow-origin
https://1plus1.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
539529
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F26A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153894
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 20 Nov 2022 00:22:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 21 Nov 2022 19:07:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C30C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668903736339&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 488B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153894
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 20 Nov 2022 00:22:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 21 Nov 2022 19:07:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 95C6 		666 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a67fd636fc14c93a27489b5b4d56301dec03a8e17072a499e10c08cda535f4d5

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Sun, 20 Nov 2022 00:22:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 1664 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 20 Nov 2022 00:22:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
spl.zeotap.com/ Frame F34D 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc65fb73bec36db44904e7591e16788f7416e5cfbae33994023bbcfb0db598d

Request headers

Referer
https://1plus1.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://1plus1.ua
cf-cache-status
DYNAMIC
cf-ray
76cd07d4cb23771d-LHR
content-encoding
br
content-type
text/html
date
Sun, 20 Nov 2022 00:22:19 GMT
server
cloudflare
vary
Origin
via
1.1 google
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:19 GMT
Server
Adtelligent
Etag
b3e2a9abbd902b94
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
date
Sun, 20 Nov 2022 00:22:19 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sd
eu-u.openx.net/w/1.0/ Frame 95C6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5da66379-733b-4600-a404-3d30ac5e6104
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5da66379-733b-4600-a404-3d30ac5e6104
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 20 Nov 2022 00:22:19 GMT
Server
MT3 169 32252b7 master cdg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5da66379-733b-4600-a404-3d30ac5e6104
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 20 Nov 2022 00:22:18 GMT
sd
us-u.openx.net/w/1.0/ Frame 95C6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=fpkmpX-ZIv5lyHKscMg8_Syed6hlkyGseM6ABCL4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=fpkmpX-ZIv5lyHKscMg8_Syed6hlkyGseM6ABCL4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=fpkmpX-ZIv5lyHKscMg8_Syed6hlkyGseM6ABCL4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 95C6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3147664895050909893
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3147664895050909893
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3147664895050909893
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 95C6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a160f755-9342-73bb-cc9e-e504604d5dd8&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 95C6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGQwZjI0OWYtNWEzNS0yZDFmLWQ5N2UtYmZiZGFhYWY5M2I4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 95C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGYerEsq6G0lerB9neJgkHA&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGYerEsq6G0lerB9neJgkHA&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGYerEsq6G0lerB9neJgkHA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame F34D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F34D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=d350f000-c9e4-4019-ae76-c33cdf0bbe9b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d350f000-c9e4-4019-ae76-c33cdf0bbe9b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d7bf0a771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=d350f000-c9e4-4019-ae76-c33cdf0bbe9b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame F34D 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F34D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame F34D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668903740.891321,VS0,VE8
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lcy-eglc8600031-LCY
u
dmp.v.fwmrm.net/ad/ Frame F34D 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:20 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F34D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa886939-d386-4429-5d25-8448ff4b21c8%26reqId%3D53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 20 Nov 2022 00:22:17 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=4d7d611a-dadf-48a0-91a6-0a97b5adba6c&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4d7d611a-dadf-48a0-91a6-0a97b5adba6c&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d79ef1771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=4d7d611a-dadf-48a0-91a6-0a97b5adba6c&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=65116546366224656253879846267361715270&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=65116546366224656253879846267361715270&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d79eef771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
mQH2CpIFReM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=65116546366224656253879846267361715270&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame F34D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=aa886939-d386-4429-5d25-8448ff4b21c8&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022112001-13659-0.020611001668903740-0e54444c17ce0d4f14f81a8a5696f01d&zdid=533&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022112001-13659-0.020611001668903740-0e54444c17ce0d4f14f81a8a5696f01d&zdid=533&env=mWeb
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d77ec0771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022112001-13659-0.020611001668903740-0e54444c17ce0d4f14f81a8a5696f01d&zdid=533&env=mWeb
Date
Sun, 20 Nov 2022 00:22:20 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7167886983472281754&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-...
95 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7167886983472281754&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d76eac771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7167886983472281754&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Date
Sun, 20 Nov 2022 00:22:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame F34D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=aa886939-d386-4429-5d25-8448ff4b21c8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=aa886939-d386-4429-5d25-8448ff4b21c8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=aa886939-d386-4429-5d25-8448ff4b21c8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=7AM3mf1VuTzKi2NnK7tyc.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=7AM3mf1VuTzKi2NnK7tyc.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d8d899771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
last-modified
Sun, 20 Nov 2022 00:22:20 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=7AM3mf1VuTzKi2NnK7tyc.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame F34D 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=aa886939-d386-4429-5d25-8448ff4b21c8&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=aa886939-d386-4429-5d25-8448ff4b21c8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=aa886939-d386-4429-5d25-8448ff4b21c8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=6330babf1dab9342281cf35680271384&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=6330babf1dab9342281cf35680271384&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d88831771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=6330babf1dab9342281cf35680271384&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
cache-control
no-cache
x-server
10.45.9.2
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-nULayBxE2orXgoIL421qRIZNWpbzud5L6Q--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-nULayBxE2orXgoIL421qRIZNWpbzud5L6Q--~A&zpartnerid=570&env=mWeb
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d94929771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-nULayBxE2orXgoIL421qRIZNWpbzud5L6Q--~A&zpartnerid=570&env=mWeb
date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9MhQKoDjAsvKbmhD1UeFbdd0rthDLDEP%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9MhQKoDjAsvKbmhD1UeFbdd0rthDLDEP%2BS41iYitP1U%3D
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d8f8c9771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9MhQKoDjAsvKbmhD1UeFbdd0rthDLDEP%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame F34D 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=aa886939-d386-4429-5d25-8448ff4b21c8&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame F34D 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.35.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-35-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1668903740
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F34D 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Sun, 20 Nov 2022 00:22:20 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3lzPAAAASg8WQAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a4...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3lzPAAAASg8WQAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&_test=Y3lzPAAAASg8WQAr
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07da0a0b771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-hhn4051-HHN
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668903740.436643,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3lzPAAAASg8WQAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&_test=Y3lzPAAAASg8WQAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=5da66379-733b-4600-a404-3d30ac5e6104&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5da66379-733b-4600-a404-3d30ac5e6104&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07da5a5d771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Sun, 20 Nov 2022 00:22:20 GMT
Server
MT3 169 32252b7 master hkg-pixel-x21 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=5da66379-733b-4600-a404-3d30ac5e6104&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 20 Nov 2022 00:22:19 GMT
usermatch.gif
beacon.krxd.net/ Frame F34D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
52.49.35.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-35-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1668903740
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
date
Sun, 20 Nov 2022 00:22:20 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame F34D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d2...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d2...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&dcc=t
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VYM7ST1RAS2VSP9YT54K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T3TKZENQ0381185D499D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=aa886939-d386-4429-5d25-8448ff4b21c8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame F34D 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=aa886939-d386-4429-5d25-8448ff4b21c8&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Daa8...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07da6a69771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
date
Sun, 20 Nov 2022 00:22:20 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=aa886939-d386-4429-5d25-8448ff4b21c8&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b...
  • https://mwzeom.zeotap.com/mw?cid=LAOM70GX-1S-2Z32&env=mWeb&zpartnerid=1770&gdpr=1
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LAOM70GX-1S-2Z32&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d98970771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LAOM70GX-1S-2Z32&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame F34D
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=aa886939-d386-4429-5d25-8448ff4b21c8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%2...
  • https://mwzeom.zeotap.com/mw?cid=302a874d-30fe-4835-b8fc-09aabc309c7e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d38...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=302a874d-30fe-4835-b8fc-09aabc309c7e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07daeb06771d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=302a874d-30fe-4835-b8fc-09aabc309c7e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame F34D 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d95930771d-LHR
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame F34D 		557 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3e1bd585c22a952036e1599ab87fa310359a7154dcbb0760c9046c5669e01c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76cd07d5bc41771d-LHR
access-control-allow-headers
*
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
8ac93084a32b8e527e903c8904311a5125cbd46dd7fa4447c278769b28462764
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 1664 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:22:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 05:41:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19170
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 05:41:49 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F26A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24511462&p=161562&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
65aaec8ab2a76f5651e45c55e28f525faf1384bb89ea11a42c65e423abc2a529

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 20 Nov 2022 00:22:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp
spl.zeotap.com/ Frame F34D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
76cd07d62cfc771d-LHR
date
Sun, 20 Nov 2022 00:22:19 GMT
server
cloudflare
vary
Origin
via
1.1 google
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=J0-1rnx5OUxNMnA3VWdXYzV0T1Fsa1BVcUhaUXRqNFdHdXhidWFVN3JVei8zMWRaTWZKbWR2MUJaSGk2aDg0elBtNC9vSUZKMkk2bkNwbVZmajZhTk5kbGdjYjBuZmFwUG9SUUY4Q04vODF2aHFyclBkUDJXaUgwVnkwVDVQc0tTU0dPUTZ0ZmhWZW40d05ibk1Bdm10Qlc5aVZFQnBjRE1VT25oUTZYNVBrRHdTUkdpUVlpeVNCOFhBbzRkd3hOVTNBeGFhWTVBWXEwU3Vmd3FJK1RGOHR2L2tybzBpeDdPaURxUEE0OTBUT21SWHV3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 20 Nov 2022 00:22:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
590124
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 1664
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC273ia5WMS9pcJAcbB9m94&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC273ia5WMS9pcJAcbB9m94&google_cver=1
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC273ia5WMS9pcJAcbB9m94&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1664
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTTcwR1gtMVMtMlozMg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTTcwR1gtMVMtMlozMg==&gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTTcwR1gtMVMtMlozMg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1664
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HsmcSkrOQMOSf-5WW1TUKw&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HsmcSkrOQMOSf-5WW1TUKw&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HsmcSkrOQMOSf-5WW1TUKw&gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ATKFW71AXXGS0JBV1FGS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HsmcSkrOQMOSf-5WW1TUKw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1664
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTRjZmI2ZDkzZjZjYjdkZjA1MzQzZmQwZWFlZDA5ODY1ZmViMzZlZg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTRjZmI2ZDkzZjZjYjdkZjA1MzQzZmQwZWFlZDA5ODY1ZmViMzZlZg&gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTRjZmI2ZDkzZjZjYjdkZjA1MzQzZmQwZWFlZDA5ODY1ZmViMzZlZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 1664 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 1664
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LoobtV7dTaK1qjDGHZTlKA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LoobtV7dTaK1qjDGHZTlKA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LoobtV7dTaK1qjDGHZTlKA&gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Nov 2022 00:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
66BTBE1VHADTK7G03Q7E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LoobtV7dTaK1qjDGHZTlKA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 1664
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOM70GX-1S-2Z32&gdpr=0
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOM70GX-1S-2Z32&gdpr=0
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C77CED7665194327953B05A37BDF2DB1 Ref B: DUS30EDGE0710 Ref C: 2022-11-20T00:22:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXt2+6cwql/YXkuKw9Qyw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOM70GX-1S-2Z32&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1664
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3QMOFHC3ISVTm1WlZdtNqsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5521923060908134961
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5521923060908134961
Requested by
Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5521923060908134961
content-length
0
692.json
id5-sync.com/g/v2/ 		216 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hb_298309_4139.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
3eff9bdb7ebc22efe66850cd4fdd14b1b97838a2c1b2fcda7bdcebf6ee6a5b70
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1plus1.ua
date
Sun, 20 Nov 2022 00:22:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame EA19 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=5A2D5A56-8744-4E8D-8693-9300D2F1536D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 20 Nov 2022 00:22:19 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 807B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2985599642028976788
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2985599642028976788
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2985599642028976788
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8361
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5da66379-733b-4600-a404-3d30ac5e6104&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5da66379-733b-4600-a404-3d30ac5e6104&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 20 Nov 2022 00:22:20 GMT
Expires
Sun, 20 Nov 2022 00:22:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master cdg-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5da66379-733b-4600-a404-3d30ac5e6104&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 8CC8 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 00:22:19 GMT
expires
Sun, 20 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
404821
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D199
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 20 Nov 2022 00:22:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YGZ0HYK05A0JG15ACQVJ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 20 Nov 2022 00:22:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A2D5A56-8744-4E8D-8693-9300D2F1536D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GMWC840JCR7TCQACBNQA
Pug
simage2.pubmatic.com/AdServer/ Frame D65D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4478709472869750710&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4478709472869750710&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
625c0b3a-ef5c-489f-96c9-1c2d4b85a232
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 20 Nov 2022 00:22:20 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4478709472869750710&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F26A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wi1aVodETo2Gk5MA0vFTbQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=153893
accept-ranges
bytes
content-length
5549
expires
Mon, 21 Nov 2022 19:07:13 GMT

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F26A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5da66379-733b-4600-a404-3d30ac5e6104
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5da66379-733b-4600-a404-3d30ac5e6104
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 20 Nov 2022 00:22:20 GMT
Server
MT3 169 32252b7 master cdg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5da66379-733b-4600-a404-3d30ac5e6104
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 20 Nov 2022 00:22:19 GMT
generic
match.adsrvr.org/track/cmf/ Frame F26A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=5A2D5A56-8744-4E8D-8693-9300D2F1536D&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame F26A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUEyRDVBNTYtODc0NC00RThELTg2OTMtOTMwMEQyRjE1MzZE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F26A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKAwTWCYA7xztOf00h3f8fI&google_cver=1
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKAwTWCYA7xztOf00h3f8fI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKAwTWCYA7xztOf00h3f8fI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F26A 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 19 Nov 2022 00:22:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F26A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3147664895050909893
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3147664895050909893
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3147664895050909893
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F26A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 20 Nov 2022 00:22:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:20 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=76B4D40ECD29420B89C480039D86B084&time=1668903740728&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=91988459&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://1plus1.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Nov 2022 00:22:20 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
SPug
simage4.pubmatic.com/AdServer/ Frame F26A 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161562&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 00:22:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| dataLayer number| dayMs number| cb string| vpbSrc string| gptSrc object| c function| loadScript object| _paq object| googletag object| admixerML function| r function| w function| x function| y function| z function| A function| B function| C function| D function| E function| F function| G function| _opov_app_ function| ovvaPostMessage function| hj object| _hjSettings function| addCatfishWrapper function| addCloseButton object| webpackChunk string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event number| tns_already object| tnscm_adn string| currentProtocol function| fbAsyncInit object| vpb object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad string| GoogleAnalyticsObject function| ga object| _opov object| JSON2 object| Piwik object| AnalyticsTracker function| piwik_log object| hb_dmx_res object| vmpbjsChunk object| vmpbjs object| _pbjsGlobals function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| ts number| rnd string| exts string| exuniqueid number| bfsample object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| cm_events object| FB object| gaplugins object| gaData function| CrossDomainStorage object| _opov_app_datalayer object| __buffer object| Criteo object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

121 Cookies

Domain/Path Name / Value
.1plus1.video/ Name: _opov_sid_
Value: h4cg3u833sji4ksee8r57copdl
1plus1.ua/ Name:
Value: store.test
1plus1.ua/ Name: _opov_hid_l
Value: 60f3abf1-4417-59e6-b106-b1b999d2b143
.1plus1.ua/ Name: _opov_sid_
Value: h4cg3u833sji4ksee8r57copdl
1plus1.ua/ Name: _pk_id.2.1c86
Value: abe5a0e2269c9d02.1668903735.1.1668903735.1668903735.
1plus1.ua/ Name: _pk_ses.2.1c86
Value: *
1plus1.video/ Name: _opov_hid_l
Value: e5c2b8d2-8572-53da-80ee-52107e0ffeea
.1plus1.ua/ Name: __gfp_64b
Value: texgAgN3YhlqiimdmdTRxr6uJw8BdMqbdHjceZ_B8CP.W7|1668903735
.1plus1.ua/ Name: _ga
Value: GA1.2.1276797235.1668903735
.1plus1.ua/ Name: _gid
Value: GA1.2.73663421.1668903736
.1plus1.ua/ Name: _gat_UA-22507043-9
Value: 1
.1plus1.ua/ Name: _gat_UA-113262294-1
Value: 1
.1plus1.ua/ Name: __gpi
Value: UID=00000b84287eb40c:T=1668903735:RT=1668903735:S=ALNI_MZq1fWyS4TKs6ImhCyrp55KIB3lEg
.1plus1.ua/ Name: _hjSessionUser_1437498
Value: eyJpZCI6ImNjZWFiMjAzLTYyYWEtNTcwMi04NmI2LWY2ZDMwMGRhZTUwOSIsImNyZWF0ZWQiOjE2Njg5MDM3MzU5MzIsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/ Name: _hjFirstSeen
Value: 1
1plus1.ua/ Name: _hjIncludedInSessionSample
Value: 0
.1plus1.ua/ Name: _hjSession_1437498
Value: eyJpZCI6IjhlYmUwOTYzLTc3OTEtNGVhYi1iNDdjLWNmZTFlZmJmZGE3ZCIsImNyZWF0ZWQiOjE2Njg5MDM3MzU5ODYsImluU2FtcGxlIjpmYWxzZX0=
.1plus1.ua/ Name: _hjAbsoluteSessionInProgress
Value: 0
1plus1.ua/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.1plus1.ua/ Name: _pubcid
Value: 72ccc80c-3ac5-4c4c-9648-2dec046a6e25
a4p.adpartner.pro/ Name: apuid
Value: 29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
.admixer.net/ Name: am-uid
Value: 99cc122b17f04b0c98fb62a9a76c76a5
pbjs.e-planning.net/ Name: CT
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1668903736_1668903736
.doubleclick.net/ Name: IDE
Value: AHWqTUnc6MSX4WB5OjhpPMpza6DEkGjjjaHpncvPD0UV04jwsJRJglTMACkXeyJY-iE
.1plus1.ua/ Name: __gads
Value: ID=37db1c1184d39d11-2244974542cf0079:T=1668903735:S=ALNI_MY94AG7GvclHobl018cZp24yRcuHQ
.e-planning.net/ Name: E
Value: AI98r3QT4oBnFuPd
.ads.adnuntius.delivery/ Name: usi
Value: lws1!adnfpa70f04ec04b5bb45
.ads.adnuntius.delivery/ Name: sessionId
Value: cef0a69119af491f1731dc443f9c9add
.ads.adnuntius.delivery/ Name: i
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: r
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: s
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: v
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: c
Value: 0AAAAAQAA
.openx.net/ Name: i
Value: 72ccc80c-3ac5-4c4c-9648-2dec046a6e25|1668903736
.rubiconproject.com/ Name: khaos
Value: LAOM70GX-1S-2Z32
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpMl+u0t+2BNq2qEsFCZ0ctSdOhPT1GMTm4dorU8DsKfTEmuIgKRVQWfr2w3YCIInLgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
.adtelligent.com/ Name: vmuid
Value: b3e2a9abbd902b94
.adtelligent.com/ Name: a307558
Value: 29e3d03a-c0f6-4fe2-a898-4f4d49ad0ad5
.3lift.com/ Name: tluid
Value: 1391881850235227904496
.sitescout.com/ Name: ssi
Value: add595fe-c5c8-4c55-8a30-edc4a13d8a92#1668903736764
.adnxs.com/ Name: uuid2
Value: 4478709472869750710
.yahoo.com/ Name: A3
Value: d=AQABBDhzeWMCEPPX4PkOTCitsADqioV1qVQFEgEBAQHEemODYwAAAAAA_eMAAA&S=AQAAAmb0nhKYdnhaTwzY3ptfTzM
.sitescout.com/ Name: _ssuma
Value: e30
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b7b4fc17-c3ce-48d5-b2e2-d325f0f02427-003%22%7D
.adform.net/ Name: uid
Value: 3147664895050909893
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b7b4fc17-c3ce-48d5-b2e2-d325f0f02427-003%22%7D
.1plus1.video/ Name: __gfp_s_64b
Value: it8XU99TOFzUl8Iqi3P7_NsTyJYdq1.CT6zKEKTqM0z.J7|1668903737
.hit.gemius.pl/ Name: Gdyn
Value: KlSDLRaGQMQGMEiaorsbH22issGMT1scL6nxmG7OEeXtlOaiGsRPceSiGKGGqPB5gGlGEoG2GxGxDSy8k67xG8MS
.awin1.com/ Name: awpv11354
Value: 412871|1668903737|63e83310-6869-11ed-adce-2234a4c513ba
.tribalfusion.com/ Name: ANON_ID
Value: aVnseFpyXagbqiVREFmuRCcAUS2fG6hLmSxsd4Jd16bwF5sKZceTd6BkBVctwpmfPb3NSUZcUGBm1bb9a9B2Pq
.awin1.com/ Name: awpv20044
Value: 412871|1668903737|64069080-6869-11ed-9f2f-2266c0ccb091
.zenaps.com/ Name: awpv11354
Value: 412871|1668903737|63e83310-6869-11ed-adce-2234a4c513ba
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.awin1.com/ Name: awpv16798
Value: 412871|1668903737|64149a40-6869-11ed-9d10-2262c713b6c4
.awin1.com/ Name: awpv11938
Value: 412871|1668903737|641d4cd1-6869-11ed-9f2f-2266c0ccb091
.awin1.com/ Name: AWSESS
Value: 367022:2542680
www.conrad.de/ Name: HTLP_timestamp
Value: 1668903737
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: LFa5WY4rdDbw76HtCkBWByLq5xDHLjMgirW_BfCzIaA-1668903737-0-Ae2ND6KVscKBQqRcuYx8uNkdH6+FEKm4FXiqepgtR/uMbeBYmfpZiFjmRMyBI4eo0ao4XUv2BpGmpOferEmUHe0=
.simptrack.com/ Name: ntm_tps__4011
Value: ..NNNRjVvzeZKIst5Zdg72ZrYj_8Mh9mBMlIi-tHGkeDLh1nV4xi40uIvZ5eRxpyj7xGvDFcDcUjjl3zYxXJi8wUw8ucM8So-kfBmD94qia9i9verEbc3XoZWAnQ1Kd4DrPH5-SlX7ZTJXo30Aqg4C9fm-W84jb9CTCE2SHyoVkwBz8aVtb6W7YA4zTq51MyIgJgF32SqM0iNmQbe0hdsRTzqU0E6ZMbpi95_-FDhOsufapUsMu2faXEop3JUk6trCETSKDx3n32fFpkJNK23TPOZReHjB2TNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: 6fb534045d5785fa
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1668903737_641d4cd1-6869-11ed-9f2f-2266c0ccb091%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2ODkwMzczOHZsZWExZGUyMDIyMTEyMDAxMjIxODc4NzAyODE2MzM3WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022112001221878702816337X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2ODkwMzczOHZsZWExZGUyMDIyMTEyMDAxMjIxODc4NzAyODE2MzM3WDExNzcwM1YxMjI2MTMyNzAyT
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY2ODkwMzczOHZsZWExZGUyMDIyMTEyMDAxMjIxODc4NzAyODE2MzM5WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022112001221878702816339X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.openx.net/ Name: pd
Value: v2|1668903739|gekin0vNiygu
.zeotap.com/ Name: zc
Value: aa886939-d386-4429-5d25-8448ff4b21c8
.zeotap.com/ Name: zsc
Value: %1C%90%A9bO%9E%27P%BE%BE%03%27%99%89%BC%B5%C7%CA%A9%C1~%ED%05%B2%DB%FE%B0%E2W%F5w%3Al%E3%FD%16%BD%F9%96%60B%9B%2BG%5B%0A%1C%DC%E5V%22%FF%BD%03%B8%E8%E9%A3%1E%ED%8A%81%0A%C8%8D%05%B5%C3g%D2%EF%B9P%99%EB%DF%A50%DC%0B%D7%A6%F4XK%10%FCl%3B%B5y%E8%91%B6k%3BA%25%7Du%B4%AA%60%F3%19%AD%5C%89%19%BCh%09%D2%5D%B9%A1%01%81%F5qS%89%F1V%C5%B8%10Ei%E0%DA%FE%BA%F9n%F2%B3%86%C5%CD%25%C0%D8o%5CT%F6%F3%B4%0AKx8%ECI%8C%1B%1C%16%95%3AO%C0%97%3C8%CC%FC%14%E7%CA
.ads.pubmatic.com/ Name: KCCH
Value: YES
.quantserve.com/ Name: d
Value: EOIBDAHPJ4qsMA
.quantserve.com/ Name: mc
Value: 6379733b-bc08b-ad4f4-9000d
.mathtag.com/ Name: uuid
Value: 5da66379-733b-4600-a404-3d30ac5e6104
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5A2D5A56-8744-4E8D-8693-9300D2F1536D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 161562:2
.pubmatic.com/ Name: DPSync3
Value: 1670112000%3A201_197_219%7C1668988800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670112000%3A13_7_54_3_251_220_21_161_56%7C1670198400%3A35
.demdex.net/ Name: demdex
Value: 65116546366224656253879846267361715270
.tidaltv.com/ Name: tidal_ttid
Value: 4d7d611a-dadf-48a0-91a6-0a97b5adba6c
.adfarm1.adition.com/ Name: UserID1
Value: 7167886983472281754
.dpm.demdex.net/ Name: dpm
Value: 65116546366224656253879846267361715270
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYwtzK0MAIATDKGPwkAAAA="
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1668903739931
.tapad.com/ Name: TapAd_DID
Value: a09cce16-67c8-4364-adec-174d7ee5b05f
.weborama.fr/ Name: AFFICHE_W
Value: 4err1wIDTE7h97
.simpli.fi/ Name: suid
Value: 86F31F61DEEF46CEBA2E41F45E499E51
.onaudience.com/ Name: cookie
Value: f9648036c91b9db8
.onaudience.com/ Name: done_redirects147
Value: 1
.de17a.com/ Name: guid
Value: 1.2985599642028976788
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6330babf1dab9342281cf35680271384
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5da66379-733b-4600-a404-3d30ac5e6104&KRTB&16736-uid:5da66379-733b-4600-a404-3d30ac5e6104&KRTB&23019-uid:5da66379-733b-4600-a404-3d30ac5e6104&KRTB&23208-uid:5da66379-733b-4600-a404-3d30ac5e6104
.pubmatic.com/ Name: PugT
Value: 1668903740
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4478709472869750710&KRTB&23339-4478709472869750710
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3147664895050909893&KRTB&23263-3147664895050909893
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKAwTWCYA7xztOf00h3f8fI&KRTB&16514-CAESEKAwTWCYA7xztOf00h3f8fI&KRTB&23025-CAESEKAwTWCYA7xztOf00h3f8fI&KRTB&23386-CAESEKAwTWCYA7xztOf00h3f8fI
.pubmatic.com/ Name: SPugT
Value: 1668903738
.1plus1.ua/ Name: cto_bundle
Value: 8SVDXV9ZZzE4VVRNRDl1Mk1vVnBYNER6b3c1MGRwVTRTSVNjT3hTTzQ3SGdrbFgzSnFqUzBvREtLbG02eERjTSUyRlNTQVRkNElGbkF4dks0Y283USUyRkd1d0tIYWNYWWdrZHFTa2h6MVdQakVxTmtwOVFDQWY4dDNDOXhoaXgxU0hnR2ZlZm8
.1plus1.ua/ Name: cto_bidid
Value: Le9i3l9GVlRab2F2U2p1T3BmbUpwT2REZlRmMjR2ZlJtUU9oWWc5MW1PSkU5ekpaalllRnNGV2RhN0J1c0dFY1JYemxwS0ZxRVVoSSUyQjI2d0g0dFh1V3NLaWtnJTNEJTNE
.fwmrm.net/ Name: _uid
Value: "e5deb_7167886983472313156"
.agkn.com/ Name: ab
Value: 0001%3Ar462s8wEevdO0tqtBLox1dTcPVM5oNWk
.krxd.net/ Name: _kuid_
Value: PNYg-55f
.richaudience.com/ Name: avcid-zeo-uid
Value: aa886939-d386-4429-5d25-8448ff4b21c8
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2985599642028976788
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~28e0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3lzPAAAASg8WQAr
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fd05e32f-e2f7-486e-8a74-c9695be3ce58"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg5MDM3NDA7MjswMjEoJUrnt/c+NPbn7v8V1RgSDs6NXIOBc6DLJKFQ0mMeUw==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2952:u=1:x=1:i=1668903740:t=1668990140:v=2:sig=AQHojGv_SaliWDAtc6Mc94cDimuOjHSQ"
.bidswitch.net/ Name: tuuid
Value: 302a874d-30fe-4835-b8fc-09aabc309c7e
.bidswitch.net/ Name: c
Value: 1668903740
.bidswitch.net/ Name: tuuid_lu
Value: 1668903740
.amazon-adsystem.com/ Name: ad-id
Value: AyW2F_GW7U1Hs4lOpVwvKT4

5 Console Messages

Source Level URL
Text
other warning URL: https://1plus1.ua/(Line 2423)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=aa886939-d386-4429-5d25-8448ff4b21c8&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=aa886939-d386-4429-5d25-8448ff4b21c8&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=aa886939-d386-4429-5d25-8448ff4b21c8&reqId=53e0299b-95fe-4d3d-70dc-5a42a5c9ac9e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.ua
1plus1.video
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ads.adnuntius.delivery
ads.pubmatic.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
analytics.webgains.io
ap.lijit.com
api.1plus1.video
api.webgains.io
as.ad4m.at
assay.1plus1.ua
assets.ad4m.at
banner.congstar.de
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
cdn.admixer.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
cs.admanmedia.com
d522c7cada94c1c946e5cd3957ab2fe0.safeframe.googlesyndication.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
lb.eu-1-id5-sync.com
loadeu.exelator.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prod-rtb.ad4mat.net
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
source.mmi.bemobile.ua
spl.zeotap.com
sslpagestat.mmi.bemobile.ua
static-de.ad4mat.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
tm.simptrack.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.zenaps.com
x.bidswitch.net
cs.admanmedia.com
104.109.78.125
104.111.215.191
104.111.239.217
104.21.26.154
13.248.245.213
13.32.121.49
13.41.118.175
141.94.170.77
141.95.98.65
142.250.185.226
142.250.74.198
145.239.237.56
146.0.227.109
147.75.85.234
148.251.139.77
148.251.246.187
151.1.205.165
151.101.66.49
162.19.138.118
162.55.236.225
178.250.0.157
178.250.2.151
18.159.93.136
18.66.147.120
18.66.147.62
18.66.97.53
185.15.245.81
185.172.90.252
185.184.8.90
185.255.84.151
185.29.134.248
185.64.189.112
185.64.190.80
185.89.210.101
185.89.210.90
194.247.175.19
194.247.175.23
194.247.175.26
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.80
195.137.240.88
198.47.127.19
198.47.127.20
2.18.233.180
2.18.233.201
212.82.100.182
213.155.156.183
213.19.147.44
2600:1901:0:76b9::
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6812:19ad
2606:4700::6812:7f05
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a05:d018:d29:3602:574e:c78f:197:6bf7
2a0c:5c81:5142::2
3.11.224.13
3.126.56.137
34.111.131.239
34.91.62.186
34.98.67.61
35.227.248.159
35.227.252.103
35.244.159.8
37.157.2.239
44.207.237.180
45.133.44.4
51.89.9.251
52.208.205.2
52.222.236.122
52.223.40.198
52.31.236.55
52.46.151.131
52.49.35.210
52.49.92.250
52.95.126.160
54.37.238.28
54.38.197.123
54.76.86.77
54.78.254.47
62.149.1.122
66.155.71.150
69.173.144.139
69.173.144.165
72.251.249.13
78.46.85.162
84.200.5.215
85.114.159.93
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
05f3123a31d48faacc7c4cbbce13cc915e2bca98f0ad2d1237f06ef8f4944e98
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
13d8a627dc93f7abb28f3188a686a67da61bac54d7ff4a2845e489af5455c358
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
157e60bd9d7ce36569bb2e2ade15d6abf40cd9a6c5c4818e05defc7d34595c6d
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
16fce2fc06098924253d797fbf18040dd0881c9db76920604157794050827e53
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
1ab4a908fe3410ef7a0730208fc6bed17c25a62588fe9954525f3bf1f9e0fbed
1c3af60ffcbfb3b87dbe7a12929ccc325b0c281259d5bc9fcf383de32a030a22
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3
1ec3154a3c30da2a460cc0da9dd4c2337933fd257db4117693a7bbfc0b627971
1f72c87b79e8fe85769acc7e1483ee48d5c8d95a3ab921882a93d8067f6c774a
1fc65fb73bec36db44904e7591e16788f7416e5cfbae33994023bbcfb0db598d
2204be79bb578c0c4fda4fd9eaa67a109ed9728e89aacf67f34ea156f351e546
228fe296fd9a33c4839c94324a40df977a3c05e350168fe78273842992fd2ec8
2409c2e2581815c0a8211bad53e63d91246c0a5229f5ae4873badd21d2c3bf4e
24e7aea27b4dff26bf745dbf3d8e68b4c27d0846008401b71796c2c2154a73bc
25855560050d2c40d5609914c4260769661a7acf4c62cb3786cbc0731b871c58
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2c06019216613db509def3fdf03611d0872be7b436a496a3e3b38cccda1074ac
2c982f45c00f656f4e3494fe881f99c0dca0e909e94efe87af8e35afa2f4a5d8
2cdee42b7d068f78d131568b5f3eed1975a5d656ca3ab20a747e31439598f5f7
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee685fd2ec940b0dfae9c6e490f9fdc64b2a5e47d2898577dc6308d9ce8394d
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f46141ca4503ca206bd7394c5c3afccf7f62b6c3eab59c97644b9a59616e331
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
2fe4836430a377f67538986f4cbefc51ed9b7ef7537abc4d57cdc1ed312508a0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328afed8faf690e83bbb9fda1521e0fcbca2b3f27e36759bbae82d5da90a0ea8
37517d427912ff59ee0d7fabc6b1d0cc4184b5aff93436279ce707fcef32e311
397241284c4b2768d7456e491c3c3c82e3f6cd268c67bb2fa80f8539a8aef9fb
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eff9bdb7ebc22efe66850cd4fdd14b1b97838a2c1b2fcda7bdcebf6ee6a5b70
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
4155e360a106b86bcd01915be50a7d6fc025691d9d8e0f339ef439f1358213bd
41aaf869bc03cdcb1fcd151f0accc843e0ed6fca8e303b97957cbdc50dc28710
41b01c7dcef74c8721de88ab44df58ff544bf6ac269d78f85d0c13b6ba98e83a
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22
48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4
49ad8659985b2987d5c71eb77594e481fa81d67c5f1f89fa095f43460190f829
49b5ce8d75f6bdb3ca5d82d43ed447d165e366bc67febbdd6bbcebae55ff5f88
49fe0811375c5c80bf4b60765f8675533efe054945a25a222f16d2fdbef294d8
4d47c1ca3d82a56c25eb8670f9ecbe93721581fab2d02ff5cfec1ebbe5c1c376
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4f8f2b650d27c85ec7005783d9d39ae82a54172fcf23329a81388ee2837d3b
5036dfdb2d6b9858b2ee97cca80b509bd1df0cab47f2755aed4ac1f8c4e59fa1
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
52766e8a794518c7468a348595a6057555b8b122b4ef240157319ee3db41feac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
589925eaae9b09e8fd5d21ef9cc845f27c2cdd90ded26bd5486cca9fa139daf7
58992c45ffa95bd202e9187cc9ebb80225911bfe7a4c45c37abe8e9ee830667e
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
5fec456c222cb1709f0bf269d9442402ff8e9a5b45ee186a6a06f0566f35f2b2
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
6224c9a892da8a5a42b865d71312b8afb2f0fd16fe33a3b8e4a54e0e910ce496
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
6422f2c551d075ba22afd66575ce2cb24865bca4c67d81369e7bbfd0cdfe6f93
65aaec8ab2a76f5651e45c55e28f525faf1384bb89ea11a42c65e423abc2a529
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69d228d042fb28d94bc91b42bbbc0d07d072025f835459022c91f48c91fd8707
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b822ac73356b73c74308043eeaf4678fd5e23fe896c6fea92e67c5a98030ebe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc01fe871dad3c4a861c6f5b55892316524ffeffab08c633119356b3c4bb703
6f7e8381fb6a83ef8d216a9e777a5e95c66438f1f585e43dc4303bfd0c7f8c5f
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
73249429a1a85bf4f411248739f96010d3ec42e832062424c50a743ba0114bbf
746826c1aee497891f41c97911faf8c7ec3801715445c96059368486f0b65e54
749cdca51d56f42d0a3c76a988a551aaa7f8ea8241ada902b6956b5b646a3830
7590dcf50bf95abb417e1944f8fe6b7e7a7539dfa6bbbb51ec8b55fc66ab51b8
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26
76e3601174c7e301fc202cf47a968dadd4373af056802834ae34a9efd9e2c347
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
78644c31284bdee663418e2ca2e704cd7cc4d4a76eda0909fe178b7ecdb020f0
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
7c1f787485bbee4a1a85920ce5f22fbe6f91937861a95d1caa0f4a6bc014098d
7cd827fb92bcd9fc2feb1ea3aae9b3b7887a24f66ec46930f8f6c90afd2609e3
7cddb82115dc2cad07836d02b428ddc84d73a3e54d2bb23e9aa332097225747c
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
808521ff8f4b3f31cc0fd43a91d71ece6a8c03c3c705e870cac13dc3bb1a7101
816f9db313b3397109c09c0cefafe77ecf775a18c11f7e35de8a5126613fb45e
831836318797e289854753abaff9462785e77691443e6171e8c48f02a7b87afa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8982dd484ccec0f50211e9553366b0d2b77a3df90da24b92b83fddbb0fdc7e8d
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8ac93084a32b8e527e903c8904311a5125cbd46dd7fa4447c278769b28462764
8c4db221b86d2f5e75561da9b3b465c3a524af40b9c7c8d98049576724c2400d
8d03673bdb38cd2472faa49e77089961aacd346205a99d6007d2f0236563ed5b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
8fe0fdb2b9207a73e3ef2838107287c40fbe1257c485a07e7f9af8207c23ad24
9003840ee1080376832d12bf05d17e7f9526d2da9537965d0f93cca78dab09cb
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f
970fd244625707addabf14f198125c0eba94dd1975091ddf2e60cfd33b24a811
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a67fd636fc14c93a27489b5b4d56301dec03a8e17072a499e10c08cda535f4d5
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
aa3e1bd585c22a952036e1599ab87fa310359a7154dcbb0760c9046c5669e01c
abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b05dc6b4ee58193d02734b742e6c3034fde10a31fc0217b4d2fd7154309c0b76
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47424e5e00e72a9c771c8b5d01eb2a30f846c3b38b2613aab2692db3596a4b8
b94e319b82e682552058d4f4382a0095ac469845db90cdb1b82684fa02bc83f7
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc5e9b73d737dacb15a7dd445b746e28fba4864a3b1e184a8793a8a4b07eaba2
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729
be61fafa9f8dd9950c474a181d65b4b490660720a09a5966beeedd36a26b5148
c0d7a97d94e770cec887b011b68d5f95d6363699ab8bea8e68276187b90dfd68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c27927ccbd4782d0639db8558771e2ebe32cf0c895d2b2c55272f9c350f8fe9d
c29f72643558d1223401973ae3681cd38d81735da9e1df1e86fd15d63bd6a19f
c30d47ea5375659aba1aaf38b42b88e8f3150482e2dd0a38e86ae6e494f4d9f7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a06cac4fe63810cc312538821dcacf6363d982c2bf6a50ad4ed2936bd5d6cc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc64d1756f7ea9bbd51bb9a79776949b84d251159bea5c0a4fc9f5f037925eb4
cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
d91e9e9e26dd0965bed5f01a875395196fd78a1ea338fb2d01a0f788a799ae7b
d942cf7b1c3373838ad0dcb9e20f6563e375a3a56b6173939a7129f3cc0f33bc
d9e721690599ba29582955cb0322a87c361441a2d7446fd4ac2d974788ae0b6a
dc22451564cd5de1532a0383213151f7e3d82c1830ff84f3908db02befa9d2eb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2a379ae26a35fcf0f8296c2275d1f2acc2b1c7fb332aa76c63d3dd2610c377f
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e2ec4a3538f057518aadf46b1d1c6fdaf7f1015f51c7440123628756cddffe54
e35175edc3c874af71a21e6321898ee5109cf40d47cb4016add8813f54721f5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e839c6cc63b861d1bdad75ce13f3122bbea54d1896715655926f97a958db4dbe
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ecef8738146c1d83c54e73d8c5fc78755c456b5831d75c61de62243901e784aa
eea1741c7f78ca29a007407ff07c325e719cd9e3631b54ff86d228ec6235af20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef594ffbeb9ecf07b43cf04f4e3b534af93c9c8cf4b7c0b76bb08fc3fee304a7
efd63b5811ae0f95a69706c77b1b29327430aa729c1136321531992ce70f6213
f141c4804f5922f85bebcc912a51c399d218f36f96aa3361b845d00643fa8264
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f55b032b8ee2ad5218d33664d54f4a90f610a860add5e3c2d66ab33327d742ed
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f85928656cf42cc7a257190b584d234df6be08ba79d02bfa534e117e4f3ea6a1
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
fef77895525ab7345803b4592a91b346c0d1789f8da2b762bb3f2608dc3e77f8
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809