2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2plus2.ua/
Effective URL:
https://2plus2.ua/
Submission: On May 03 via api (May 3rd 2022, 9:20:21 am UTC) from GB — Scanned from GB

Summary HTTP 306 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 59 IPs in 12 countries across 48 domains to perform 306 HTTP transactions. The main IP is 195.137.240.82, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 2plus2.ua.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.

This is the only time 2plus2.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	195.137.240.82 195.137.240.82	29389 (ASN-UNIAN) (ASN-UNIAN)
55	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 13	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 8	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
11	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 21	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (STACKPATH) (STACKPATH)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:1835	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
4	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	3.223.60.98 3.223.60.98	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1	34.120.139.69 34.120.139.69	15169 (GOOGLE) (GOOGLE)
1 2	193.232.148.145 193.232.148.145	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
4 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6 10	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
34	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.34.104 141.95.34.104	16276 (OVH) (OVH)
306	59

13 195.137.240.82 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

2plus2.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.16.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.38.197.123 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (STACKPATH, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1835 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.60.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-60-98.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.145 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp6.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.9.59 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.122.147.230 (Milan, Italy) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.88 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.34.104 (Paris, France)

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	1plus1.video images.1plus1.video — Cisco Umbrella Rank: 285177 api.1plus1.video — Cisco Umbrella Rank: 170009 1plus1.video — Cisco Umbrella Rank: 131457	4 MB
40	googlesyndication.com 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 171 pagead2.googlesyndication.com — Cisco Umbrella Rank: 119	346 KB
34	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	790 KB
23	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354	249 KB
21	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8740	33 KB
13	2plus2.ua 1 redirects 2plus2.ua	142 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901	9 KB
10	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 38850 ls.hit.gemius.pl — Cisco Umbrella Rank: 9907	36 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	2 KB
9	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5069 ghb.adtelligent.com — Cisco Umbrella Rank: 6401 ghb1.adtelligent.com — Cisco Umbrella Rank: 8181 sync.adtelligent.com — Cisco Umbrella Rank: 5011	35 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 326 Failed	8 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 856 gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931	9 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 imasdk.googleapis.com — Cisco Umbrella Rank: 439 ajax.googleapis.com — Cisco Umbrella Rank: 432	516 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1591 f.clarity.ms — Cisco Umbrella Rank: 2798 c.clarity.ms — Cisco Umbrella Rank: 926	26 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	59 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 316	112 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	283 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	102 KB
4	betweendigital.com 4 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2385	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	208 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	74 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 760	59 KB
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 15423	380 B
2	adhigh.net 1 redirects px.adhigh.net — Cisco Umbrella Rank: 9014	728 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	315 B
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 3293	962 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7978	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8536	17 KB
2	1plus1.ua assay.1plus1.ua	23 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 20814	112 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 915	616 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	552 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 22658	238 B
1	eskimi.com dsp-trk.eskimi.com — Cisco Umbrella Rank: 30155	256 B
1	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 35814	109 B
1	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 3992	241 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 73047	351 B
1	google.com.tr adservice.google.com.tr — Cisco Umbrella Rank: 11732	792 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2633	501 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1119	356 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 20046	372 B
1	a-mo.net prebid.a-mo.net Failed 1x1.a-mo.net — Cisco Umbrella Rank: 4127	89 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5779	171 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2996
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	adnuntius.delivery Failed ads.adnuntius.delivery Failed
306	48

	Domain	Requested by
55	images.1plus1.video	2plus2.ua 1plus1.video
34	s0.2mdn.net	2plus2.ua imasdk.googleapis.com s0.2mdn.net
21	pagead2.googlesyndication.com	2plus2.ua 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com googleads.g.doubleclick.net srcdoc tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
21	a4p.adpartner.pro	2 redirects 2plus2.ua a4p.adpartner.pro player.adtcdn.com
16	tpc.googlesyndication.com	2plus2.ua 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
13	2plus2.ua	1 redirects 2plus2.ua
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	player.adtcdn.com googleads.g.doubleclick.net
8	gaua.hit.gemius.pl	1 redirects 2plus2.ua gaua.hit.gemius.pl 1plus1.video
7	www.google.com	1 redirects 2plus2.ua api.1plus1.video 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com tpc.googlesyndication.com
7	www.google-analytics.com	www.googletagmanager.com a4p.adpartner.pro www.google-analytics.com 2plus2.ua
7	api.1plus1.video	2plus2.ua 1plus1.video api.1plus1.video client imasdk.googleapis.com
5	googleads.g.doubleclick.net	2plus2.ua 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
5	securepubads.g.doubleclick.net	2plus2.ua securepubads.g.doubleclick.net
4	www.youtube.com	s0.2mdn.net www.youtube.com
4	gum.criteo.com	2 redirects static.criteo.net
4	ajax.googleapis.com	s0.2mdn.net
4	googleads4.g.doubleclick.net	2plus2.ua
4	ads.betweendigital.com	4 redirects
4	f.clarity.ms	www.clarity.ms f.clarity.ms
4	1plus1.video	2plus2.ua 1plus1.video
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	2plus2.ua 1plus1.video www.googletagmanager.com
3	mug.criteo.com
3	476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	c.clarity.ms	1 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	www.googletagservices.com	2plus2.ua 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	exchange.buzzoola.com	2 redirects
2	px.adhigh.net	1 redirects 2plus2.ua
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	www.facebook.com	2plus2.ua
2	inv-nets.admixer.net	player.adtcdn.com 2plus2.ua
2	pbjs.e-planning.net	1 redirects 2plus2.ua
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	connect.facebook.net	2plus2.ua connect.facebook.net
2	cdn.mouseflow.com	1 redirects 2plus2.ua
2	player.adtelligent.com	player.adtcdn.com
2	assay.1plus1.ua	2plus2.ua
2	player.adtcdn.com	2plus2.ua
2	fonts.googleapis.com	2plus2.ua api.1plus1.video
1	id5-sync.com	player.adtcdn.com
1	c.bing.com	1 redirects
1	www.gstatic.com	www.google.com
1	dm-eu.hybrid.ai	2plus2.ua
1	dsp-trk.eskimi.com	2plus2.ua
1	go.rcvlink.com	2plus2.ua
1	s.uuidksinc.net	2plus2.ua
1	t.trafmag.com	2plus2.ua
1	adservice.google.com.tr	securepubads.g.doubleclick.net
1	1x1.a-mo.net	2plus2.ua
1	sync.adtelligent.com	2plus2.ua
1	www.google.co.uk	2plus2.ua
1	onetag-sys.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	ghb1.adtelligent.com	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.clarity.ms	2plus2.ua
1	script.crazyegg.com	www.googletagmanager.com
0	hbopenbid.pubmatic.com Failed	player.adtcdn.com
0	prebid.a-mo.net Failed	player.adtcdn.com
0	fastlane.rubiconproject.com Failed	player.adtcdn.com
0	ads.adnuntius.delivery Failed	player.adtcdn.com
306	69

This site contains links to these domains. Also see Links.

Domain
a4p.adpartner.pro
1plus1.video
1plus1.ua
tsn.ua
plus-plus.tv
tet.tv
1plus1.international
biguditv.com
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
vb.me
t.me

Subject Issuer	Validity	Valid
2plus2.ua R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
assay.1plus1.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
adpartner.pro R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-09` - `2022-05-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.a-mo.net Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.google.com.tr GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
uuidksinc.net R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.eskimi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-14` - `2023-05-15`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://2plus2.ua/
Frame ID: 2932CC31CBB3235B1BFA7D83769A6226
Requests: 134 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Frame ID: 45950B485707046593CF2E42DDD485BB
Requests: 44 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: 8D97F345FB6B770272DA74B0A2DAE6F3
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=43046749553641760&apuid=d7d48cc1-6e44-4292-b809-7a99e28e983f&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Frame ID: D86DF2A822FC1C46C2C7AD3136C0FF89
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 60B5B170FC3E0AE5F01D3CC25F95D41E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d7d48cc1-6e44-4292-b809-7a99e28e983f%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%25223adcde4e-2611-4c81-a0f3-9146a61fbb25%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223adcde4e-2611-4c81-a0f3-9146a61fbb25%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Frame ID: DEB5F8C5D0B9337DE714F7346C30C01E
Requests: 1 HTTP requests in this frame

Frame: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 656D67580DDF5D85E13F0C50E97CAEE5
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%2C%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%2C%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%2C%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: F28A91A77C00898E89793C57AA035DCF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 53A77512FCD6ACF2748A613DC75CCF74
Requests: 1 HTTP requests in this frame

Frame: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5ED16FDEB49D1DFEC4AD6301A56980E4
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: BEA0DC54CC05F8173555CF9835733BC2
Requests: 12 HTTP requests in this frame

Frame: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 267707AD67A36A3C353E369FEAEBA0A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiB15WzATAB&v=APEucNWAsUl0Ffk8UdBkogRmh5AXVns9tA0kHsdurxwtBZ9tzvinYqu2bUUsdmihZls0CJU5MTyIef7kFz6-0sUB2o4CFC3e0HstsGQux8WN9dJpmN3BTyrXtcjEoK43uTcTRumUbbVj7JkSwtjclmgkQddfxosuy_4ZvMwVLIgRJjwG3pSzr3E
Frame ID: A54AEBDF0D5A4893E2D1DEE233D55F06
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3OtFTHk_LzdNYCPU66Z_hpKFv4hyb7h4HrxjWhCk_WFx73K8WJMffedpZHo6ca8ewlEwMAymINwb70K0hoqVjpSpBYLfc56ZG4MuGTwHfqrL3BQkBvaSM7LXrr3bSCVreKBWRAy79eOIfeikKqKJpnt0-1A&dbm_d=AKAmf-BnAGh1j-ohU50OrbmusU894T-uXT8LhqkNb6_GyLN88bRWvU6fFvdz127iKdHpk9qVMg7XOpXps3cnQsxiQHQdC6oSQ95cg_xl7c0elqmQQ-D_kX7L67lVU9WVT2nFi7avLnnR0lKMxvs1cRDmyJsSLv_NBu9FDPqgZT5xjnVHON3819pGiJlZAllnnaBjRy47l1J2NQcAAnpw9FdQd35ZT-6TQ8XeX-WuccLoaNDknpLQ9Go8Vna8NzNXzwmasFqERPHP2UQmOZ-WQSvblR4OFbePFCuciCF8fC9gvw09K3a8mYA1cgumyMIfIxfZYfy1DMJjUUxpTrAEkzldNxz-uf7EfSWeeP1IjjmhHYp5S-CX7vMe_eZhKn4YPvugAfttaps64gWfT2__u453k9bRDQ-uLFMIbCVqwBYIto0Z95uTIjABOE07oyEFPhSEhmaijZVe4QVOwqhLdXf6YiilhcKJPr0xcwog1bF5-AngZRoDH2VhbTRimM1QNqVx08BG7e_X-ukKe7ldDLArFEYrUig5n2IQcf--D8KBwSBTjYAuEtRbSzDyj-VtGe_v3pVzyyeoqqxSztbw6EtEXf2EovVWbFis8g8bnYXCX8nTZifPNciPfm3tZYBfU-sSRcQnaskxhKChQn3lCgcjt_gR14Q0h5qEHgZBk9LonS3p5uEXYWjosrH5R3sJvpgrqJQCMRlYjE7BdTH9JquwMVaZi3_3pWz-LFvI-ndvuuF-FMZLQNnhk82pb-Qinxqs0Em017pouckU7OVjtCjoWgzzHz-b9704Y-JdrZpeSi0f5JabgJBDnVDv-wwTGh7jyLEg_GGKL-Gi6ULbnNDEB9fHpbUal4pnKQqNZJXZ8a_FhWK1BHKuhg2H8kLI20UTa3XGcNfBS73gUzTTiiHa5EoiEwvTbrJUaGNtOw8YIPGcqAnHgS1i36Zgjzog6L_Z1XfIjmrLMMdUw48wCp09lb5y9HkbaX1KrMULFS9M0r_G-YtVQz1kir9KAdq4yCh3zEq9slv901sSfxpgM81-aMgGtJ35iQZ5DWL3J8k9hj0eHLFfgOI0IV-Da-SqfjNsPFMZlSK7Hyo1VNjKxkVP7ICRwpB2AirdiDpC4f9-nb33Ft8XrzS8IDfUtD-w3prSSgn2mlsSfm-7ev-tMilaCXApgGD4PNNNAOqM6snEADB-FjzaMdTjV4nSNLYXcUA8T8uPhvWkN5pCQ4C0n8B8Pj-VudVDHLjnw-CJG0h0u8XkiidLMEwxEpp4mYHAfBv-q6xJuHhSdAy8ifcJCGBZkVoNutF5m8k9n2Do5Z1-Z7UaX6cNrxnJZ8SLjf2Eg9vhfEUlYgGbXr8k4vMxcLgASkQXw-j5FEaR62awmGuijHs5iuoA-MqVaG51J79p-Gq4PSraa8xaByKzH-ryKzWRH4A_OKwuaeFWDRE2JboahQv_Lf77LUjD4EZR-TZ2kOfUdyARN7rcWS5u8Ru7MDVnRu4xEAuORYKqWFeP_j6kuMPy6MheUdT70Czcc77gF01MIulqB7hrPyPsfwMPzZEbAE1ZUEAYshb2rfEK2KlPxvFmlqxODdDpyHfxk1D5NrtSyrs9gEL--dvdYADsh_04nwaa2EGps6dOJJNjMUlHJckGB3S15_QlWXBXZlv-M53G9xvHmDTE6cHYLRvHIX9SG8cP86Ogd0X9pIo4dOmEc81mwB3OOlgi3teUn4oin_m-PFu4jMcjzRI9M6jTJeTH26apFy-oZf0D6-K323PGv_o6p8GXinYmbmsqquxoMXEJ7WT28CNG2uVmY7DQaz9ZvowKpcDDD0XJja_U2AzBU5zxRsBvyziutcUtCmxGLEE0X809etoNW0wl8vUBGoA21-bD89XovKezQSaHVWMs_N3WgFP4ysVYf70TBTuE-YPFwk-OQSJ0lUXVAuW2F4Ts5eYBceGQo413WUF8f5T_xTgt26EBJK3vSgqotcF38cVJVvt-qyhAcFuGoWIVJhhIpeiFO4eS0AwQk0DXoYBhiiFS4q_v2C0sBFjWPLBIgdZa7AvLy_wKnA-oXoqG5luQ2G_nURjaiUtAZxIh6zNJBIU24QCGyIbivBvM5tkQfU0wtjCMwJwYmbz4sQhvFGXZ8mtCRyz3orxAetvXk37F_6k3QBqgJuB_Py0aaPDUjKLhMVISIOSISeIbXuEpbY9Jfj9mW8WPrx-1acTu1bsQKrLRlBg0gjlET0DlbF9L2wluD-g9CmOLvJp27zZU3PNHeMcvG1rdPMdCZcei-to92DcECOi7KjiTh_2oJmYkwOwumIiyDVfTC2P2craxfWzHVsAWWRN7g4CBE399WlNUqS2hSq0JbTbOn537eXZ48LIabZqidp8s7ckqLX7PMdSU37Db7BvXvY1tZdJDvg4HcyWxuPQWXx-i6cs0ao24iAup99cLGi7RWEphcqv3xnIzwWkqDAdPkj1aUPA2cqeQMi7IuxP2zQT4q69VJds1lzHZakybOU8rWnS0kezqK91dwZxcpmlyb_z_SPCdxZp1uDOOD0r06GcsiDrsP2YbIB0PRXbofmGfPKj-7s2YSSnC1Uv14so3G286VG-cMR0fF0hKNNH4XmxYMLK7WBo6yHjGlh9qiCzcnIJN2DCre-O3NjZtlA-1GglAcUFhcs_SLJ0TM6RQ9mNXgg4s6gxe308C53eJL32Dz2JNNmVHfEhiSHiA2O20caDCbJ4j6rD6SyaFEgZBOppNF3xN6xODwgPZWsOqh7SolSVPcIceJEuca_zHVqb96o8TnCCwQqBg4_NCMNj2oSza_Y2F71EZRrJYBjiwiw0cTIhkKYnwVEek_AKIguk4lfjahk222eJzkM3axW7UoXN3pb-LLlih0269cBDVdlpjEgxtFOoVhB6RuN6RNTOkQFMn74RhXCSqPybGBue-CLINhi7H-PYVO4CuxfDz6ADCcObA6aL3KA7_NP5y-lxU_07FS_fuXEKwjn9j8NfP3-Xp4VREpOc1dhy_08lWxZEjzjcPMmDTTblP4rX4zczUhr3rcAf3Qw2Xyt51PsaP6oZMGlkscX_DaJ4n9mUi4kM06ovgEvgJX10p5pYVgJ7O8Gvw_fI6oWRXa9uNv0lVVMM4kjEFUuVmDaS3zwpEmlw0bxz5bToOBuhqj0VQranSqAM-yQrKyJqvaqL6CNxn0hcyQ6BhdQys8zcnkv4NDO2kdrAQJj7RPyXRG6Pj1khMD4dj9ehX8iorizgsFHQhD1apwyqodaW8-6aoaTTM-CjL9CjgMLc-A0YGYul_YIvpwcjoMpKh_mJkc8tMBbJass8VqLthgkmxF7ZhMtUAoyZIooIX09HskhR9PTxC8TqHsg&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&rfl=2%2Chttps%253A%252F%252F2plus2.ua%252F%240
Frame ID: 47E3A52E782D0B1BE7B8293A76D5A769
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiI15WzATAB&v=APEucNXFSLkXj5LlauaFBRMg777vTMJ_t_FQOHlF5X3vJxfwyeVKvCKZeHBQu8wqiC7TL_6mpQRYDmE3scJUY4TkDti1kG4JppFmhbRGAE7jXwFqlyOxJ4xV78Con73N0DBV_CnkVsGAAgQ2QrmDQuRNqjxyBb-or7MA77jBg1hsJ95UsvNuEW8
Frame ID: DF0A2EEA60D52423E8EEB06CA9DE7291
Requests: 5 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3A64CF68CFFF275E77AFA7E5A21B09FD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Frame ID: 17BED7F05C5B9C07E122A0E9BDA79E92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 87C1DEDA0ACA3A45D975E0074BED3B01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 35C78905A2853FA4C6A9EB778745B621
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FAF172F0F28461364CEEA137C1934F6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
Frame ID: D093F5202AA75769139E2F3E780E74B4
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
Frame ID: C9871396F0061A5038C88FB6E0E0D8BD
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Frame ID: 275FC3FDA2C6229A532A51D717A5B640
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: 78963C6CA0F1B4AF7869081A923E1C7D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: EA3B81E1ECECAE713054A6B2E4054ADC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: BAF049B5004B82E2EB19B250488D0D0A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: EBBA79318437317B139D2A79FC2F9B69
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%2C%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%2C%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%2C%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: BB1A6B7C64DF1FB300D4C844DB900292
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Frame ID: DDE4B03F713C688DCEDFD84699EB442E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Frame ID: 6BCEE80752FD2E5411BF8C1DD60E0E3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB09FF961CA7DEB9F1E061F01A5FBEF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49A059AD5F6C7982148EF0E3250270FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2+2 - Офіційний сайт каналу онлайнKyivstar

Page URL History Show full URLs

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

306
Requests

89 %
HTTPS

46 %
IPv6

48
Domains

69
Subdomains

59
IPs

12
Countries

7261 kB
Transfer

12990 kB
Size

60
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://a4p.adpartner.pro/click/7803/965093/10700345-8a60-420c-830a-4d8cec6d525e?data=eyJjcmVhdGVkX2F0IjoxNjUxNTY5NjEzLCJzaG93X2lkIjoiMTA3MDAzNDUtOGE2MC00MjBjLTgzMGEtNGQ4Y2VjNmQ1MjVlIiwiYWRfdW5pdF9pZCI6NzgwMywicnVsZV9pZCI6MCwiYWRfaWQiOjk2NTA5MywiZGF0YV9zb3VyY2UiOiJhcHAtbWVkaWEtcGwtMjA6dGl6ZXJfYWQiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDdkNDhjYzEtNmU0NC00MjkyLWI4MDktN2E5OWUyOGU5ODNmIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=d794e3df78df29c8d37056d2600a00fe
Title: 2 иностранных языка за месяц!Раскрыт секрет быстрого изучения языков!подробнее

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/7803/965090/318e9d91-00e6-4eb6-9e15-2571fc353a2a?data=eyJjcmVhdGVkX2F0IjoxNjUxNTY5NjEzLCJzaG93X2lkIjoiMzE4ZTlkOTEtMDBlNi00ZWI2LTllMTUtMjU3MWZjMzUzYTJhIiwiYWRfdW5pdF9pZCI6NzgwMywicnVsZV9pZCI6MCwiYWRfaWQiOjk2NTA5MCwiZGF0YV9zb3VyY2UiOiJhcHAtbWVkaWEtcGwtMjA6dGl6ZXJfYWQiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDdkNDhjYzEtNmU0NC00MjkyLWI4MDktN2E5OWUyOGU5ODNmIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=22310bd63b72e2afac1db921e08618e3
Title: Английский – уроки для начинающих50 уроков для изучения английского языка самостоятельно +слова/произношениеподробнее

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/7803/987710/aa309671-8e36-4b32-b9a8-f0be2dced314?data=eyJjcmVhdGVkX2F0IjoxNjUxNTY5NjEzLCJzaG93X2lkIjoiYWEzMDk2NzEtOGUzNi00YjMyLWI5YTgtZjBiZTJkY2VkMzE0IiwiYWRfdW5pdF9pZCI6NzgwMywicnVsZV9pZCI6MCwiYWRfaWQiOjk4NzcxMCwiZGF0YV9zb3VyY2UiOiJhcHAtbWVkaWEtcGwtMjA6dGl6ZXJfYWQiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDdkNDhjYzEtNmU0NC00MjkyLWI4MDktN2E5OWUyOGU5ODNmIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=b5f16309e91f24ef711506ccc6ce9719
Title: Английский язык бесплатноУроки английского языкаподробнее

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/7803/989137/85f337dd-8e5a-4514-8c95-48b3e61b39bf?data=eyJjcmVhdGVkX2F0IjoxNjUxNTY5NjEzLCJzaG93X2lkIjoiODVmMzM3ZGQtOGU1YS00NTE0LThjOTUtNDhiM2U2MWIzOWJmIiwiYWRfdW5pdF9pZCI6NzgwMywicnVsZV9pZCI6MCwiYWRfaWQiOjk4OTEzNywiZGF0YV9zb3VyY2UiOiJhcHAtbWVkaWEtcGwtMjA6dGl6ZXJfYWQiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDdkNDhjYzEtNmU0NC00MjkyLWI4MDktN2E5OWUyOGU5ODNmIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=5768960217ea9d5769e997ad94a3b1c8
Title: Онлайн уроки английского50 уроков - для изучения английского языка совершенно буеплатно!подробнее

Search URL Search Domain Scan URL

URL: https://1plus1.video/groshi
Title: Гроші

Search URL Search Domain Scan URL

URL: https://1plus1.video/sekretnye-materialy
Title: Секретні матеріали

Search URL Search Domain Scan URL

URL: https://1plus1.video/speckor
Title: Спецкор

Search URL Search Domain Scan URL

URL: https://1plus1.video/zateryannyj-mir
Title: Загублений світ

Search URL Search Domain Scan URL

URL: https://1plus1.video/dzhedai-voiny-dorog
Title: ДЖЕДАІ

Search URL Search Domain Scan URL

URL: https://1plus1.ua/

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: http://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://biguditv.com/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://1plus1.video/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: Кар'єра

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: Технічний розділ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.facebook.com/2plus2.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0rUcXe-tsu_MA33brxjDNg?sub_confirmation=1#utm_source=1plus1&utm_medium=social-button-header&utm_campaign=youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/2plus2tvchannel

Search URL Search Domain Scan URL

URL: https://plus.google.com/+2plus2TVchannel

Search URL Search Domain Scan URL

URL: https://vb.me/2plus2

Search URL Search Domain Scan URL

URL: https://t.me/channel2plus2

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js HTTP 301
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

Request Chain 86

https://gaua.hit.gemius.pl/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=253&lsdata=tm7LCtvZ0enAbRpYs8W1qNXvvsmlfxf6Z9AUMP_NvyH.97w_ihXOQxGUYQ2QxqJQneDEX2Nov88kvKupi6IdTXNtxZcD/LVNbCBSAih.ni/&fpdata=i4PWg3A1Dd5Y9VdlFp6CTPO.d6VXRPK9.szL4jZVymn.g7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=253&lsdata=tm7LCtvZ0enAbRpYs8W1qNXvvsmlfxf6Z9AUMP_NvyH.97w_ihXOQxGUYQ2QxqJQneDEX2Nov88kvKupi6IdTXNtxZcD/LVNbCBSAih.ni/&fpdata=i4PWg3A1Dd5Y9VdlFp6CTPO.d6VXRPK9.szL4jZVymn.g7&vis=1&fpcap=

Request Chain 107

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0ed01618-9e8e-4813-a642-9d56efcbd391 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0ed01618-9e8e-4813-a642-9d56efcbd391

Request Chain 118

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7d48cc1-6e44-4292-b809-7a99e28e983f

Request Chain 129

https://px.adhigh.net/p/cm/adpdigital HTTP 302
https://px.adhigh.net/p/cm/adpdigital?bounced=1

Request Chain 131

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462

Request Chain 132

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462

Request Chain 133

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=669034d5-660d-4318-5e63-7e07298bb191

Request Chain 134

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=f9a8a3c6-b43f-49b2-4c96-744e1c966f30

Request Chain 135

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1

Request Chain 202

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnDzzkGTbhl1xl25GTGmOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG4j_CuWrzNBZZCWVfISKwg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

Request Chain 204

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODgzOTEzOTA2NTM1MzQ1Nw%3D%3D

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnDzzkGTbhl1xl25GTGmOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG4j_CuWrzNBZZCWVfISKwg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

Request Chain 208

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjI1MDI5Mzg0MjI3NjU1NA%3D%3D

Request Chain 255

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&RedC=c.clarity.ms&MXFR=2E142F1DC9F56BE135993E84CDF5651D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&MUID=03F5168D576463DB3710071456076267

Request Chain 289

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Xt91V3x6cFRuN1lnbjBJZmNraHpnQVRQVWFyTXdRSGV1ZU9ucWt0MXlMSDFjQnFWZlhpUFBoZlg1eUg0em0wWHBQak9lUStlYWFyL2RVWkVScnpxblFoN1Iyb3FUUTBiZjRGYUlPTEhBV0VlUVkwWktsc3hScldBUmV5V0d1MDc1dGM1bGVqWnZlZFBHdksrZ3pJZG8rYmVRN1h4U0Q5T1FBUXlQY056RGJBSXV5N21Mb3lrSGxZZWc5c01KRURzaFpmaWJnRURNZGduWlVUa3hzTmRESHFOR1BMUFZQSVpKekFnWWFkKytvWkcrblRGYXAxeGZSb21XT3JSbW5PUnlHUXRrbGlRUk1DeW1nZE1QMklrMHNQQjFMZz09fA&cppv=2

Request Chain 303

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=v__rKXwwd0Y1SDJ0REJWdUNvaEkyNmZuV0tlYzdNTVZibC8yejBJbUhTN1lHc0pOU0JoNzZZdnFKRjMyQVhCbzhudE1Odzg1QlVuekNselNFQmRWWEpJaklGemg0T3B3ZEtUb3BFdjVtM2thK1gwdmFkWkRFRkVTaDJUQWl0TmlXRWpDa0xkdmF1KytrWVZKbkhHQ0FyeHFQS0kxdmk1bTVSa2JpWWhuWHk1dzVXSGdUZmdKcmVGZnVpMG55OGkrZDNETEZPVXRpSEVESmFiY3loWU93MU5IMVVoUFpiV0d0T051dEdZR1ZuekIxT3dEQjAxUEVVSzN6TVVxMFlHUFpCMmJSbkRxb2RpWnZzb0V1ZjFBNSthSmljUT09fA&cppv=2

306 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
2plus2.ua/
Redirect Chain

http://2plus2.ua/
https://2plus2.ua/

128 KB
30 KB

514ms
310ms

Document
text/html

195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: ea578146e0253fda18cc798dd3eda36a7a8a96343162e14f78c2556c644b4faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 May 2022 09:20:12 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 03 May 2022 09:20:11 GMT
Keep-Alive: timeout=15
Location: https://2plus2.ua/
Server: nginx

GET
H/1.1 200
OK app.css
2plus2.ua/css/ 163 KB
34 KB 71ms
71ms Stylesheet
text/css 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK codes-initialization.js Show response
2plus2.ua/js/ 2 KB
1 KB 140ms
67ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:57:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK logo.svg
2plus2.ua/img/icons/ 574 B
883 B 201ms
67ms Image
image/svg+xml 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/icons/logo.svg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Last-Modified: Wed, 19 Sep 2018 09:53:34 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 574
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H2 200 c411dffa943b68289f529443936beb6f.jpg
images.1plus1.video/other-1/ 89 KB
89 KB 627ms
393ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/c411dffa943b68289f529443936beb6f.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ffae8c08ef2ca5270a7b17fb5e855df2cf389d69b3b6d347be545def159c3ce6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 29 Apr 2022 09:02:42 GMT
server: nginx
etag: "c411dffa943b68289f529443936beb6f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 90629
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 8be2db6ae74b495eecb11f20b9f10d21.jpg
images.1plus1.video/other-1/ 88 KB
88 KB 514ms
281ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/8be2db6ae74b495eecb11f20b9f10d21.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2f488a23fe332868855dfba61081897ca435847b702c9a574fc5b6392513ab62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 29 Apr 2022 08:10:34 GMT
server: nginx
etag: "8be2db6ae74b495eecb11f20b9f10d21"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 89630
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 ca1836bd902c6f0f23393c72cb6421af.jpg
images.1plus1.video/other-1/ 92 KB
92 KB 582ms
348ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/ca1836bd902c6f0f23393c72cb6421af.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ffd4dc484943174781bcde95fc3eb8a447c4b210f31db0652aadbe21fae2fbe8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 29 Apr 2022 08:09:50 GMT
server: nginx
etag: "ca1836bd902c6f0f23393c72cb6421af"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93803
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 9aed58140ddc43784c1811fb67b52eaa.jpg
images.1plus1.video/other-1/ 90 KB
90 KB 561ms
328ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/9aed58140ddc43784c1811fb67b52eaa.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6ffa5fd683a8e61e0a4e754b3e49b86bb60102f2f8a49fe436246fe9f75cc056

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 29 Apr 2022 13:07:29 GMT
server: nginx
etag: "9aed58140ddc43784c1811fb67b52eaa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 91669
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 e2861f1619973d76f56ed0df427c3c2d.jpg
images.1plus1.video/other-1/ 92 KB
93 KB 413ms
411ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/e2861f1619973d76f56ed0df427c3c2d.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 14 Mar 2022 09:09:43 GMT
server: nginx
etag: "e2861f1619973d76f56ed0df427c3c2d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 94507
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 0eb822b4081c0a6cdbc9de5f0f4bc637.jpg
images.1plus1.video/other-1/ 22 KB
23 KB 419ms
216ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/0eb822b4081c0a6cdbc9de5f0f4bc637.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 69566e3a63a3cf817d7fac4b2d98606e1532f1f1a35d9eaa2e12af46c47696f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 29 Apr 2022 04:50:16 GMT
server: nginx
etag: "94f59fd8f40755b2787d8f73e2c06f63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22898
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 6de8cd46fafe694d82523077b82fb064.jpg
images.1plus1.video/other-1/ 22 KB
22 KB 399ms
197ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/6de8cd46fafe694d82523077b82fb064.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 13 Apr 2022 17:04:07 GMT
server: nginx
etag: "d4e63aed867ec770d35150e553ced06c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22460
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 6af48d1f4be25e81380e1b6d3e68c416.315x280.jpg
images.1plus1.video/news-1/43230/ 38 KB
38 KB 464ms
261ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43230/6af48d1f4be25e81380e1b6d3e68c416.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7a880289fbfdd6a7934a97c21d72b7e05336862d40f60b63b7e006f1b5fa6ce4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 03 May 2022 07:45:11 GMT
server: nginx
etag: "6b0a36384cb511cf3b9c50da3c1a3a44"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38498
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 7e6ebd11865357e6881fedf3176c56d5.315x280.jpg
images.1plus1.video/news-1/43233/ 33 KB
33 KB 333ms
131ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43233/7e6ebd11865357e6881fedf3176c56d5.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f762d150b278fbad4b4bdbd0caf5635b9ecede82630ada5e7937c7af204c260

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 03 May 2022 08:15:19 GMT
server: nginx
etag: "a8c9195c7e7cd9f7eb84332c0e8cbecf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 33994
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 d8b75150ef6c98e0696ecf43bc3b508e.315x280.jpg
images.1plus1.video/news-1/43227/ 21 KB
21 KB 473ms
471ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43227/d8b75150ef6c98e0696ecf43bc3b508e.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 706b7830e41acd35a828939c9ce2d7702584ac798bb2977869a853e322fab7e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 03 May 2022 07:20:25 GMT
server: nginx
etag: "b69c46c15848f4520e348e215c7cef9c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21357
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 a48ad0d35e6fde532408c814c88eba67.315x280.jpg
images.1plus1.video/news-1/43215/ 21 KB
21 KB 475ms
473ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43215/a48ad0d35e6fde532408c814c88eba67.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d58baaa76012a58d311450b536bb07e9f5140c57e0fe5283c573d097ac00e748

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 22:11:56 GMT
server: nginx
etag: "f8d6ce7731314a233276524e08a59ba7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21194
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 4e021531d8a5911c13dcdaf87a35f7f2.315x280.jpg
images.1plus1.video/news-1/43209/ 18 KB
18 KB 475ms
473ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43209/4e021531d8a5911c13dcdaf87a35f7f2.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b6145297abbb7f5a058310058dac23d3cab9a55025b7bc5213fd21929e5950f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 15:03:53 GMT
server: nginx
etag: "d64ca963eae7af76f87f0f0fdc3a26a1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18544
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 5dbdc131ce55a0557a361151fec29243.315x280.jpg
images.1plus1.video/news-1/43191/ 31 KB
31 KB 389ms
387ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43191/5dbdc131ce55a0557a361151fec29243.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e42e9f3908b5c563f7d59e4853dfd44e543c1cd82d52b81a8800d943719d69ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 14:54:08 GMT
server: nginx
etag: "c9effe653da1e58b084e5a6a8e68e5e1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31315
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 4588c9de10b2edb4adb8a9e397b9f254.315x280.jpg
images.1plus1.video/news-1/43179/ 29 KB
29 KB 409ms
407ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43179/4588c9de10b2edb4adb8a9e397b9f254.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1c78b444de0ac1641cfc7bb6b1d107d52b027d88f75c7321a1dbb137a3fc5607

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 14:51:54 GMT
server: nginx
etag: "de8c82b051aa3da9d2b2931c34483b72"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 29534
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 d8e9daf1e34b8b14714edfe573966d21.315x280.jpg
images.1plus1.video/news-1/43206/ 38 KB
38 KB 461ms
459ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43206/d8e9daf1e34b8b14714edfe573966d21.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3dbecf3f90bdbdc47492de7dfd9648ea6d496d3b191a9329ae4a6567dafd3622

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 14:37:16 GMT
server: nginx
etag: "47f1d9fd8c54a4cea2faab2663e24330"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 39102
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 a4d08bd4994e14c9955313db91f9a5d4.jpg
images.1plus1.video/other-1/ 134 KB
135 KB 532ms
530ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/a4d08bd4994e14c9955313db91f9a5d4.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Thu, 14 Apr 2022 11:33:41 GMT
server: nginx
etag: "847844816f7853a633ce073538d91224"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 137706
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 47726a18d81cffaef46c947d9c56cf5b.315x280.jpg
images.1plus1.video/news-1/43200/ 31 KB
32 KB 408ms
406ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43200/47726a18d81cffaef46c947d9c56cf5b.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10b4752844612d53e2d4a3ef1beaaa11ea8159b0fb727a5a90ca9ea6e664b532

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 12:49:59 GMT
server: nginx
etag: "d5c89a496b13c60e2bbb1ac80d8420aa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32052
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 3a371297179d0d3783d983cdddf19da6.315x280.jpg
images.1plus1.video/news-1/43188/ 38 KB
38 KB 389ms
387ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43188/3a371297179d0d3783d983cdddf19da6.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 28248c0db11f5e2524839566141999868b3647c6d2271b3501d2c68a5f02a616

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Sun, 01 May 2022 22:41:18 GMT
server: nginx
etag: "494304743ce8738dc3ab70f7d6f70e79"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38584
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 dac1468ce8d7c34ac5eaecdd95bcd487.315x280.jpg
images.1plus1.video/news-1/43197/ 35 KB
35 KB 411ms
409ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/43197/dac1468ce8d7c34ac5eaecdd95bcd487.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2e8f5106994ae2b4e233b9266d17fdf4bd1f6f51aea08aeb6e5a97844dd2d833

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 02 May 2022 11:22:09 GMT
server: nginx
etag: "191927fbd29fef235569e3a4d377c04f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 35835
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
images.1plus1.video/card-5/GRsFFLJ2/ 18 KB
18 KB 481ms
479ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/GRsFFLJ2/3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 22 Feb 2022 17:53:08 GMT
server: nginx
etag: "1fff169ec8591ae472ce69439a5f36a9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18118
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
images.1plus1.video/card-5/ktBGOYx2/ 21 KB
21 KB 532ms
530ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ktBGOYx2/9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 18 Feb 2022 17:38:19 GMT
server: nginx
etag: "e087103a4d5306b33b4a26ca74f46a95"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21081
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 f90d7f24621086ba471318342646e06b.285x285.jpg
images.1plus1.video/card-5/DagrnyGt/ 27 KB
27 KB 389ms
387ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/DagrnyGt/f90d7f24621086ba471318342646e06b.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 18 Feb 2022 17:27:39 GMT
server: nginx
etag: "ca4ef5c2e2792b2dfb7e7787c80e99f6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 27722
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
images.1plus1.video/card-5/nRAVUWV2/ 30 KB
31 KB 517ms
515ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/nRAVUWV2/8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 16 Feb 2022 16:37:24 GMT
server: nginx
etag: "da80bf2f888498741dc109276ffe8f47"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31038
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
images.1plus1.video/card-5/9CmkgJyR/ 25 KB
25 KB 461ms
459ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/9CmkgJyR/68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 16 Feb 2022 16:24:36 GMT
server: nginx
etag: "5bfc6a30c49959728c337dce58dda0a3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25395
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
images.1plus1.video/playlist-1/140731/ 98 KB
98 KB 532ms
530ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/140731/cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 18 Jan 2022 14:42:46 GMT
server: nginx
etag: "8bbc0a9d2074e0f2861716372d19b7a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 100315
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 8789930c322a5a2de04ad202edee81be.490x300.jpg
images.1plus1.video/playlist-1/145042/ 72 KB
72 KB 452ms
451ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/145042/8789930c322a5a2de04ad202edee81be.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 18 Jan 2022 14:41:33 GMT
server: nginx
etag: "6fe6cd0165380ba7809f27a4e2029504"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 73347
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 5dc777c6a08b8536906fff608805f4ad.490x300.jpg
images.1plus1.video/playlist-1/70286/ 100 KB
100 KB 481ms
479ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/70286/5dc777c6a08b8536906fff608805f4ad.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 16 Jun 2021 15:26:13 GMT
server: nginx
etag: "61a7a9a574200a699aba40246cff75f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101953
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 73f64084c4b6012843a0ad4a723ab950.490x300.jpg
images.1plus1.video/playlist-1/93757/ 84 KB
84 KB 517ms
516ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93757/73f64084c4b6012843a0ad4a723ab950.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 22 Jun 2021 07:50:02 GMT
server: nginx
etag: "3fcbb749663669f24ae1bf6426c6776a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
images.1plus1.video/playlist-1/4844/ 97 KB
97 KB 477ms
475ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "a8a6b117d153ff197675175afd73848d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 99044
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
images.1plus1.video/playlist-1/5252/ 161 KB
161 KB 460ms
458ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Fri, 18 Jun 2021 07:37:16 GMT
server: nginx
etag: "f3aeeec15e404524760bdf792fd61b50"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 164699
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ 59 KB
60 KB 473ms
471ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ 32 KB
32 KB 513ms
511ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
images.1plus1.video/playlist-1/4844/ 68 KB
68 KB 406ms
404ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "af334573b8e9890738512cd9a210350e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 69740
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 5ee354d25b6e1328f52453b530bd859f.220x330.jpg
images.1plus1.video/playlist-1/46546/ 18 KB
19 KB 461ms
460ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46546/5ee354d25b6e1328f52453b530bd859f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 23 Feb 2022 11:06:28 GMT
server: nginx
etag: "7037a4d516fbc5445a7d1a251f1a5c6f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18756
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ 86 KB
87 KB 486ms
484ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H/1.1 200
OK footer-email.png
2plus2.ua/img/ 774 B
1 KB 134ms
67ms Image
image/png 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/footer-email.png
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 774
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK ads.js Show response
2plus2.ua/js/ 19 B
351 B 130ms
67ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/ads.js?id=fb4f4a7ed8a8020a4ad9
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
2plus2.ua/js/vendor/ 85 KB
35 KB 138ms
137ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery-3.2.1.min.js?id=c9f5aeeca3ad37bf2aa0
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
2plus2.ua/js/vendor/ 42 KB
13 KB 71ms
70ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/owl.carousel.min.js?id=b7b9c97cd68ec336d01a
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
2plus2.ua/js/vendor/ 3 KB
2 KB 68ms
67ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mousewheel.min.js?id=d5843dbdc71ff8014a5e
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK jquery.mCustomScrollbar.concat.min.js Show response
2plus2.ua/js/vendor/ 44 KB
15 KB 205ms
135ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mCustomScrollbar.concat.min.js?id=42a368e95b4a38989c89
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H/1.1 200
OK app.js Show response
2plus2.ua/js/ 20 KB
8 KB 139ms
68ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/app.js?id=8e88380a7f509a69a305
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 142ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:06:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 09:20:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 09:20:12 GMT

GET
H2 200 hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458769/ 374 KB
111 KB 120ms
49ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 08:58:07 GMT
server: cloudflare
etag: W/"6267b41f-5d9c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4LynzIDGhFB%2BwbhX2rpGdc3WEotMLxprD4C99vaxHr7OFc3kTLTEfT5jbGp2GfJaO%2BGtkrV5a5SoVtCIO3TweL4LYQmrli3DJgKCsk0lrGc%2F0t2QmBVtLS%2BFmx1uR9vx1%2FNNWH944uFedjxfJy3Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7057eb5eea30776b-LHR
expires: Tue, 03 May 2022 09:30:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 134ms
48ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

d31dd125d16513fbd385f2a6164e2a6fa2bd38d43c366ac474031e46db64d89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
server: sffe
etag: "1203 / 569 of 1000 / last-modified: 1651567328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 May 2022 09:20:12 GMT

GET
H2 200 wrapper_hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458769/ 787 B
1 KB 40ms
39ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458769/wrapper_hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Apr 2022 12:46:22 GMT
server: cloudflare
etag: W/"626a8c9e-313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNHR%2BSgAFOAeb3DxAVRnbAvKtziCw1vbCUZl0PPVjtXqAUKg%2Btib%2FhgQwdYtNSW%2BB1WUBt5MYB2860N%2FDafl9DxokBk6t6xxgFg0Q6GHStLhL%2FkFVIb3tODT8FZikTWF5Vf0uvUeMPbHmdjihT4UtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7057eb5eea34776b-LHR
expires: Tue, 03 May 2022 09:30:43 GMT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 282ms
133ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 03 Jul 2017 15:36:13 GMT
server: nginx
etag: W/"595a646d-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
60 KB 145ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

656943dc2c190bb060d375111efe5245891e3def19d195fd568cb48e4452039b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61096
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 09:20:12 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 209ms
61ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Tue, 03 May 2022 21:20:12 GMT

GET
H/1.1 200
OK api.gpt.js Show response
api.1plus1.video/static/js/ 12 KB
5 KB 275ms
67ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.gpt.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 13:10:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:19:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
25 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 556355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:47:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 164ms
78ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 556505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:07 GMT

GET
H/1.1 200
OK 12XPPTDu Show response
1plus1.video/video/embed/ Frame 4595 10 KB
5 KB 337ms
98ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: c62866ef4a05de040f3ba3391dcb4147021b0deacb5614925ce8c97b0391e683

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 03 May 2022 09:20:12 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 171ms
55ms Script
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&0.04250717816442595
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK pattern.jpg
2plus2.ua/img/ 1 KB
2 KB 70ms
68ms Image
image/jpeg 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/pattern.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Last-Modified: Wed, 10 Oct 2018 15:20:08 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1355
Expires: Tue, 17 May 2022 09:20:12 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ 512 KB
512 KB 521ms
520ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:12 GMT
expires: Tue, 10 May 2022 09:20:12 GMT

GET
H2 200 hbw_master_298309_11708.js Show response
player.adtelligent.com/prebidlink/458769/ 138 KB
30 KB 210ms
122ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458769/hbw_master_298309_11708.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/wrapper_hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 30982a416cf3e54bb5ed0e4c19bbf23067b316aaf9fddffe75b4c2f96a930a3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 12:46:22 GMT
server: nginx
etag: W/"626a8c9e-227a1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 05 May 2022 09:20:12 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 pubads_impl_2022042801.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 39ms
38ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127788
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 08:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 May 2023 08:50:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
115 B 127ms
48ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e0dcc09367b71426fd856d00aae49c2e678cf9dceb55c88bf0b5e24517f0bbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Tue, 03 May 2022 09:20:12 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 4595 171 KB
26 KB 134ms
134ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:05:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:18:31 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 4595 198 KB
69 KB 273ms
138ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:18:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4595 98 KB
38 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce8a22120122bba344fbe1047b0735721a9f395e4fbc53712f15f79b9b20cdd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38729
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 09:20:13 GMT

GET
H2 200 vunit.min.js Show response
a4p.adpartner.pro/apstc/ 48 KB
12 KB 63ms
63ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.04250717816442595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-c158"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 8D97 0
0 729ms
729ms Document
text/plain 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.04250717816442595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame D86D 5 KB
2 KB 104ms
104ms Document
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=43046749553641760&apuid=d7d48cc1-6e44-4292-b809-7a99e28e983f&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.04250717816442595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 132768547caca742c09fe512f1d1b1dec877d7effec7182931c37d4c7876f6e1

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 May 2022 09:20:12 GMT
server: nginx

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 144ms
65ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fc39f78a07698ed99010ce721749f6fe9fb11aeda225204e01ac37d72b9abf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67670
x-xss-protection: 0
expires: Tue, 03 May 2022 09:20:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6323
date: Tue, 03 May 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 03 May 2022 09:34:50 GMT

GET
H2

200

960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

53 KB
17 KB

51ms
51ms

Script
application/javascript

23.111.9.38
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 23.111.9.38 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 09:09:45 GMT
server: NetDNA-cache/2.2
etag: W/"65602a38164fd81:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
date: Tue, 03 May 2022 09:20:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 410 3674.js
script.crazyegg.com/pages/scripts/0068/ 0
0 124ms
41ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/3674.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 01:01:16 GMT
server: cloudflare
age: 29937
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7057eb613b2d719c-LHR
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 125ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: xUhz0Ym3+x8EByoni5VlqCXtb9UhxKaxMNHeLMiImZU67rbtKnkjzzAkGHqXf8kEPXXC/yNJSppt3v+Phfd+JQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 03 May 2022 09:20:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 al26fychxj Show response
www.clarity.ms/tag/ 1 KB
2 KB 322ms
159ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/al26fychxj
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: db81c854ae9940a86357abd2ee5a3d34671975b72b8de85f06913a893dd2ec68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
x-powered-by: ASP.NET
x-azure-ref: 0zfNwYgAAAABABu0EnQSTSKHxDzzhJFKlV0FXMDFFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 59ms
57ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=2plus2.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: bda4e4579ce3fd96ff81d1053eeaef708c7c71ef12129715f542779dd6df1d29

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Thu, 02 Jun 2022 09:20:12 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 60B5 5 KB
3 KB 197ms
58ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 9235a349e920e8b323bd8832e7b11699fb951f2a739c18cfced8760997c0ffbb

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:13 GMT
etag: PRIVATE7520710249
expires: Thu, 02 Jun 2022 09:20:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 71ms
70ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&idsite=6&rec=1&r=266675&h=9&m=20&s=12&url=https%3A%2F%2F2plus2.ua%2F&_id=d500de9c54203912&_idts=1651569613&_idvc=1&_idn=0&_refts=0&_viewts=1651569613&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=312

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:12 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D86D 49 KB
20 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=43046749553641760&apuid=d7d48cc1-6e44-4292-b809-7a99e28e983f&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6323
date: Tue, 03 May 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 03 May 2022 09:34:50 GMT

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame D86D 3 KB
1 KB 61ms
61ms XHR
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=43046749553641760&apuid=d7d48cc1-6e44-4292-b809-7a99e28e983f&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: d0e607d7c8e5c37f9f8cd2115fee1a4fadb8bce390c8925e66119de3114dde49

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=43046749553641760&apuid=d7d48cc1-6e44-4292-b809-7a99e28e983f&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 131ms
49ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2028930833&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=249004163&gjid=1821141301&cid=1188064340.1651569613&tid=UA-3838466-26&_gid=925035109.1651569613&_r=1&gtm=2wg4r0W2BBRKX&z=1496293918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 127ms
49ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2028930833&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=525718744&gjid=491810005&cid=1188064340.1651569613&tid=UA-113262294-1&_gid=925035109.1651569613&_r=1&gtm=2wg4r0W2BBRKX&z=260449002

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 450887889857312 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 141ms
93ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450887889857312?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JEDH+b/wrWk3SvH3kSr8RI8Ngo3zDxly5ig8H/CKmMx6QBXSaQeQzEgKvy2U8oa0GIUAlA9IeUFGcDkjOCiAOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 09:20:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651569613169
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 103ms
34ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3f50a16dffeaef2c0c4366289ed1a8e5dc3c9be677de8fa24e2f1b0e0186ebe1

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 00:02:11 GMT
server: nginx
etag: W/"626f1f83-1170"
content-type: application/json
access-control-allow-origin: https://2plus2.ua
expires: Thu, 05 May 2022 09:20:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 125 B
367 B 130ms
33ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458769/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a75712c3b675d8655d638dec427bbd5c965a063576ce726bc69017b54a21e551

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 03 May 2022 09:20:12 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 125
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
403 B 130ms
33ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=11708&full_page_url=https%3A%2F%2F2plus2.ua%2F&adid=pxwld9.z8&features=16416&vpbv=N058&lifecycle_tte=1569
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458769/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 03 May 2022 09:20:12 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 55ms
55ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KRRGZR24WG&gtm=2oe4r0&_p=2028930833&_z=ccd.tbB&cid=1188064340.1651569613&ul=en-us&sr=1600x1200&_s=1&sid=1651569612&sct=1&seg=0&dl=https%3A%2F%2F2plus2.ua%2F&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1651569613172/
Redirect Chain

https://gaua.hit.gemius.pl/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2...
https://gaua.hit.gemius.pl/__/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.u...

169 B
424 B

158ms
157ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=253&lsdata=tm7LCtvZ0enAbRpYs8W1qNXvvsmlfxf6Z9AUMP_NvyH.97w_ihXOQxGUYQ2QxqJQneDEX2Nov88kvKupi6IdTXNtxZcD/LVNbCBSAih.ni/&fpdata=i4PWg3A1Dd5Y9VdlFp6CTPO.d6VXRPK9.szL4jZVymn.g7&vis=1&fpcap=
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: cb317043e8a130c62c91a27c2c592a7ce3de7d6e6bc7c4c1ca6bef1f1e24394e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 02 May 2022 09:20:13 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1651569613172/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=253&lsdata=tm7LCtvZ0enAbRpYs8W1qNXvvsmlfxf6Z9AUMP_NvyH.97w_ihXOQxGUYQ2QxqJQneDEX2Nov88kvKupi6IdTXNtxZcD/LVNbCBSAih.ni/&fpdata=i4PWg3A1Dd5Y9VdlFp6CTPO.d6VXRPK9.szL4jZVymn.g7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 02 May 2022 09:20:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 104ms
31ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3838466-26&cid=1188064340.1651569613&jid=249004163&gjid=1821141301&_gid=925035109.1651569613&_u=YEBAAAAAAAAAAC~&z=472776701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 May 2022 09:20:13 GMT
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 56ms
56ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.5544453199120609
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 57e1213d74683144f04fdf75985a34d9ebb797c85505fa93e439b6b42ed7a5a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame DEB5 0
139 B 55ms
54ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d7d48cc1-6e44-4292-b809-7a99e28e983f%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%25223adcde4e-2611-4c81-a0f3-9146a61fbb25%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223adcde4e-2611-4c81-a0f3-9146a61fbb25%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:13 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 4595 898 B
2 KB 82ms
81ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1651569613223
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 57d5b86e29be7f91b581e0cdebad0951f86fcacf271e11ef6496d27b71e103ea

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:13 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4595 118 KB
44 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ece9c9031515a5a73dd7e8f94a0444db45f8c7b057ef0ecb1935242cb3cd5c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44753
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 09:20:13 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4595 49 KB
20 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6323
date: Tue, 03 May 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 03 May 2022 09:34:50 GMT

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.34/ 53 KB
23 KB 324ms
104ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/al26fychxj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: br
etag: "1d85c13ded4d154"
last-modified: Fri, 29 Apr 2022 21:55:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST i
ads.adnuntius.delivery/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 147ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:13 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
657 B 27ms
27ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f5583c8f568ed12196f2cc6786b948409a67d87570654f71c46badcdaf61cd1c

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 376

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 549 B
541 B 103ms
27ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 0b5855b39b004137a6ab302f59540d00209c5abd4663a2477fc7fa05fb33958c

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 260

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
249 B 57ms
56ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8047&sizes=1440x180&referer=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 131ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=85581843919

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://2plus2.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST c
prebid.a-mo.net/a/ 0
0

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 71 B
372 B 93ms
32ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2plus2.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5ec0779c-0218-42fe-8615-426ccc224b85%2Cb0d4d4a9-bac5-4696-9e55-9d2c1c30c532%2Cbe50e00f-28fe-4e56-a420-8885cb961b15%2Cd33cd54a-93d0-4484-9cc9-cac83e9876b9&nocache=1651569613287&pubcid=0ed01618-9e8e-4813-a642-9d56efcbd391&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=2000x1300%7C300x250%7C300x600%7C1440x180&divids=div-gpt-ad-1563887551234-0%2Cad-slot-1%2Cad-slot-2%2Cgpt-4888be31-cb4f-47ce-88e3-9bea39af3650&aucs=%252F82479101%252F2plus2.ua%252FBranding%2523div-gpt-ad-1563887551234-0%2C%252F82479101%252F2plus2.ua%252F2plus2_300x250%2523ad-slot-1%2C%252F82479101%252F2plus2.ua%252F2plus2_300x600_2%2523ad-slot-2%2C%252F82479101%252F2plus2.ua%252Fcatfish%2523gpt-4888be31-cb4f-47ce-88e3-9bea39af3650&auid=541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 571d29030eddb0ad8e924f625d155f38e67271b228e59afba74ad2304369ee75

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://2plus2.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus...
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%...

433 B
844 B

36ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0ed01618-9e8e-4813-a642-9d56efcbd391
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://2plus2.ua
expires: Tue, 03 May 2022 09:20:13 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 433
x-sid: AMS-738

Redirect headers

date: Tue, 03 May 2022 09:20:13 GMT
server: openresty
location: /hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.39885061471669414&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=0ed01618-9e8e-4813-a642-9d56efcbd391
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://2plus2.ua
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-738

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
499 B 125ms
40ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 128ms
38ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://2plus2.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 138ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1188064340.1651569613&jid=249004163&_u=YEBAAAAAAAAAAC~&z=1753269295

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 155ms
68ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1188064340.1651569613&jid=249004163&_u=YEBAAAAAAAAAAC~&z=1753269295

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 302 B
504 B 26ms
26ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=648466&aid2=648467&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458769/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:12 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 223

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 118ms
39ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450887889857312&ev=PageView&dl=https%3A%2F%2F2plus2.ua%2F&rl=&if=false&ts=1651569613320&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651569613319.1394053815&it=1651569613054&coo=false&rqm=GET

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 03 May 2022 09:20:13 GMT

POST
H2 200 jsunit Show response
a4p.adpartner.pro/ 29 KB
7 KB 175ms
175ms XHR
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=7803&unit_id=7803&shown=&session_pageview=1&session_id=edf12791-999c-4c6e-9a82-476e30e6bffd&site_visited=1&ref=&reload_count=0&banner_num=1651569613226984547&is_in_viewport=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.5544453199120609
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 1202e9fd4247d4bf83413c7c2f8ce83667773dfdd2f422c9a6d99dd23366cd28

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 4595 108 KB
33 KB 135ms
135ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1651569613223
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:16:19 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7d48cc1-6e44-4292-b809-7a99e28e983f

0
407 B

692ms
93ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7d48cc1-6e44-4292-b809-7a99e28e983f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Server: VertaMedia 1.0
Etag: 3e9f23ecbac7d2f3
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7d48cc1-6e44-4292-b809-7a99e28e983f
date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 4595 56 KB
9 KB 68ms
68ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t422596126998
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:20:13 GMT

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 306ms
99ms Image
text/plain 3.223.60.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1651569613479&eid=72883912b0c6382
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.60.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-60-98.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 integrator.js Show response
adservice.google.com.tr/adsid/ 107 B
792 B 248ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.tr/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
24 KB 398ms
397ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2308176489802007&correlator=2718689850730165&eid=31065401%2C31061828%2C31065517&output=ldjh&gdfp_req=1&vrg=2022042801&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2CBranding%2C2plus2_300x250%2C2plus2_300x600_2%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=2000x1300%2C300x250%2C300x600%2C1440x180&ifi=1&adks=3753537382%2C3937908213%2C3276604062%2C3172664935&didk=2018265100~952673874~952673875~985666713&sfv=1-0-38&ecs=20220503&fsapi=false&prev_scp=Project_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651569613494&lmt=1651569613&dlt=1651569612231&idt=675&biw=1600&bih=1200&adxs=-200%2C992%2C1015%2C-12245933&adys=50%2C645%2C1025%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2F2plus2.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=2000x-1%7C300x250%7C300x600%7C1600x-1&msz=2000x-1%7C300x0%7C300x0%7C0x-1&fws=516%2C4%2C4%2C644&ohw=1600%2C300%2C300%2C1600&ga_vid=1188064340.1651569613&ga_sid=1651569613&ga_hid=2028930833&ga_fc=true&btvi=0%7C0%7C0%7C-1&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

8416561f2139485c18ce4e7a5fa6f92a7dad20f86ddcda9042d96c0e111b10dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://2plus2.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 656D 6 KB
4 KB 164ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:13 GMT
expires: Wed, 03 May 2023 09:20:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 1px-matching-adpartner.gif
t.trafmag.com/images/ 35 B
351 B 103ms
33ms Image
image/gif 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/1px-matching-adpartner.gif?id=d7d48cc1-6e44-4292-b809-7a99e28e983f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 uid=d7d48cc1-6e44-4292-b809-7a99e28e983f
s.uuidksinc.net/match/798/ 74 B
241 B 108ms
33ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/798/uid=d7d48cc1-6e44-4292-b809-7a99e28e983f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2 200 d7d48cc1-6e44-4292-b809-7a99e28e983f
go.rcvlink.com/mtch/31/ 43 B
109 B 212ms
49ms Image
image/gif 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/mtch/31/d7d48cc1-6e44-4292-b809-7a99e28e983f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

hn: b11
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-type: image/gif

GET
H2 200 pix
dsp-trk.eskimi.com/ 43 B
256 B 99ms
34ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/pix?e=24&exuid=d7d48cc1-6e44-4292-b809-7a99e28e983f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

adpdigital
px.adhigh.net/p/cm/
Redirect Chain

https://px.adhigh.net/p/cm/adpdigital
https://px.adhigh.net/p/cm/adpdigital?bounced=1

49 B
325 B

78ms
78ms

Image
image/gif

193.232.148.145
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 193.232.148.145 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp6.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ 0
238 B 108ms
32ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=177&vid=d7d48cc1-6e44-4292-b809-7a99e28e983f

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 512
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462

43 B
456 B

54ms
54ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
last-modified: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462

43 B
456 B

54ms
53ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
last-modified: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c6c01f59-0eb9-527b-8bda-97afe9aa6462
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=669034d5-660d-4318-5e63-7e07298bb191

43 B
457 B

53ms
53ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=669034d5-660d-4318-5e63-7e07298bb191
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
last-modified: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=669034d5-660d-4318-5e63-7e07298bb191
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=f9a8a3c6-b43f-49b2-4c96-744e1c966f30

43 B
457 B

54ms
54ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=f9a8a3c6-b43f-49b2-4c96-744e1c966f30
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:13 GMT
last-modified: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=f9a8a3c6-b43f-49b2-4c96-744e1c966f30
date: Tue, 03 May 2022 09:20:13 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

43 B
463 B

39ms
39ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:13 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date: Tue, 03 May 2022 09:20:13 GMT
cache-control: no-store no-transform
server: nginx
content-length: 146
content-type: text/html; charset=utf-8

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 149ms
66ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 May 2022 09:20:13 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 4595 925 B
607 B 128ms
48ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dfcc59345601436c5a52aea77795af215ca3cc868f16625e9831bb3436c46b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Tue, 03 May 2022 09:20:13 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame F28A 0
139 B 56ms
56ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%2C%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%2C%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%2C%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:13 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3 200 css
fonts.googleapis.com/ Frame 4595 5 KB
665 B 125ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t422596126998

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:05:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 09:20:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 09:20:13 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 4595 394 KB
146 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70fc6297755708572b6259cc6e6da1bde39fcecf116ae7613812851387ede878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 17:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148993
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 17:53:12 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
65 B 309ms
308ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 137ms
67ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:13 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 May 2022 09:20:13 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 53A7 0
18 B 82ms
39ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://2plus2.ua
Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://2plus2.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:13 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 container.html Show response
476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5ED1 6 KB
3 KB 123ms
44ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:13 GMT
expires: Wed, 03 May 2023 09:20:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame BEA0 222 KB
62 KB 159ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Tue, 03 May 2022 08:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 May 2023 08:33:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BEA0 16 KB
6 KB 223ms
102ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 03 May 2022 08:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 May 2023 08:33:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BEA0 96 KB
29 KB 229ms
109ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Tue, 03 May 2022 08:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 May 2023 08:33:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BEA0 5 KB
2 KB 254ms
134ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 03 May 2022 08:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 May 2023 08:33:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame BEA0 42 KB
13 KB 257ms
137ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Tue, 03 May 2022 08:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 May 2023 08:33:59 GMT

GET
DATA 200
OK truncated
/ Frame BEA0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d0fd856f9aeaf5a589b7051e8c36d19580cc9bdedfa0f90b66e16eff43119c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2677 6 KB
3 KB 114ms
43ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:13 GMT
expires: Wed, 03 May 2023 09:20:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12456820542043226909
tpc.googlesyndication.com/simgad/ Frame BEA0 120 KB
121 KB 128ms
41ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12456820542043226909?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnIXbgczspV10schISmzEEkpIDsYA

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83d4944e19d7034cfd5679ce0b2301dbb5d11fd9998aff2c52503b83c35a687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 07:15:11 GMT
x-content-type-options: nosniff
age: 266703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123329
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 11:28:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Apr 2023 07:15:11 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEA0 3 KB
3 KB 126ms
39ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 6625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Wed, 04 May 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BEA0 344 B
807 B 125ms
38ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 58869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 May 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BEA0 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3PABb8ZyghWpIhAz80M1kwe30N7f0Txf5CP_j3db0UAPbjq0JCruwfy8QSYm2c6lIrKNo
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BEA0 0
0 81ms
81ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqHPYzfNwYs32It_G7_UPhPO6kA2oraLsafiNmYaZD5CSyePCARABIP3_hSNg7QSgAaup6JwByAECqQINVcYq1KexPuACAKgDAcgDCKoEjgJP0JqcSKOghpwy4Bf9TMReLwcXPjPVS5d0zNq3kphWYPHSduVTcuW8kTdxQdBl2Su0zIi0XJmqUfdib5-03n1n5qv1_HBRFS2xZSFmlzp49etFE2C8MDpK-R7jYpHwKZUrjz-KPI2umY0D9Ya2coOpMsnuQ04e8cDWOAgf6wAoq0lL228SH_nx6TE-xrXBknKxzZpTJmBLAXBnI3h0mVO-SieRuGclYs5j42Dw9v59OmqHVaDNScyHAyglUrO4keoAXMRfyOj-E3Onrh8AYmn_H10PwqEtbJsHSeorLjGRDSNNL-f61BB6BpnMvpyd0sSkD0TlCcp8yK7gddXt3qWTDRIibfHUNcDn2L3baDrABJXW-9TaA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAe91pfjAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMn6AdIICQiI4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=cWlNSoFBttg&uach_m=[UACH]&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 4595 153 KB
53 KB 84ms
83ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:17:12 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A54A 624 B
340 B 141ms
52ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiB15WzATAB&v=APEucNWAsUl0Ffk8UdBkogRmh5AXVns9tA0kHsdurxwtBZ9tzvinYqu2bUUsdmihZls0CJU5MTyIef7kFz6-0sUB2o4CFC3e0HstsGQux8WN9dJpmN3BTyrXtcjEoK43uTcTRumUbbVj7JkSwtjclmgkQddfxosuy_4ZvMwVLIgRJjwG3pSzr3E

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 47E3 93 KB
34 KB 182ms
94ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3OtFTHk_LzdNYCPU66Z_hpKFv4hyb7h4HrxjWhCk_WFx73K8WJMffedpZHo6ca8ewlEwMAymINwb70K0hoqVjpSpBYLfc56ZG4MuGTwHfqrL3BQkBvaSM7LXrr3bSCVreKBWRAy79eOIfeikKqKJpnt0-1A&dbm_d=AKAmf-BnAGh1j-ohU50OrbmusU894T-uXT8LhqkNb6_GyLN88bRWvU6fFvdz127iKdHpk9qVMg7XOpXps3cnQsxiQHQdC6oSQ95cg_xl7c0elqmQQ-D_kX7L67lVU9WVT2nFi7avLnnR0lKMxvs1cRDmyJsSLv_NBu9FDPqgZT5xjnVHON3819pGiJlZAllnnaBjRy47l1J2NQcAAnpw9FdQd35ZT-6TQ8XeX-WuccLoaNDknpLQ9Go8Vna8NzNXzwmasFqERPHP2UQmOZ-WQSvblR4OFbePFCuciCF8fC9gvw09K3a8mYA1cgumyMIfIxfZYfy1DMJjUUxpTrAEkzldNxz-uf7EfSWeeP1IjjmhHYp5S-CX7vMe_eZhKn4YPvugAfttaps64gWfT2__u453k9bRDQ-uLFMIbCVqwBYIto0Z95uTIjABOE07oyEFPhSEhmaijZVe4QVOwqhLdXf6YiilhcKJPr0xcwog1bF5-AngZRoDH2VhbTRimM1QNqVx08BG7e_X-ukKe7ldDLArFEYrUig5n2IQcf--D8KBwSBTjYAuEtRbSzDyj-VtGe_v3pVzyyeoqqxSztbw6EtEXf2EovVWbFis8g8bnYXCX8nTZifPNciPfm3tZYBfU-sSRcQnaskxhKChQn3lCgcjt_gR14Q0h5qEHgZBk9LonS3p5uEXYWjosrH5R3sJvpgrqJQCMRlYjE7BdTH9JquwMVaZi3_3pWz-LFvI-ndvuuF-FMZLQNnhk82pb-Qinxqs0Em017pouckU7OVjtCjoWgzzHz-b9704Y-JdrZpeSi0f5JabgJBDnVDv-wwTGh7jyLEg_GGKL-Gi6ULbnNDEB9fHpbUal4pnKQqNZJXZ8a_FhWK1BHKuhg2H8kLI20UTa3XGcNfBS73gUzTTiiHa5EoiEwvTbrJUaGNtOw8YIPGcqAnHgS1i36Zgjzog6L_Z1XfIjmrLMMdUw48wCp09lb5y9HkbaX1KrMULFS9M0r_G-YtVQz1kir9KAdq4yCh3zEq9slv901sSfxpgM81-aMgGtJ35iQZ5DWL3J8k9hj0eHLFfgOI0IV-Da-SqfjNsPFMZlSK7Hyo1VNjKxkVP7ICRwpB2AirdiDpC4f9-nb33Ft8XrzS8IDfUtD-w3prSSgn2mlsSfm-7ev-tMilaCXApgGD4PNNNAOqM6snEADB-FjzaMdTjV4nSNLYXcUA8T8uPhvWkN5pCQ4C0n8B8Pj-VudVDHLjnw-CJG0h0u8XkiidLMEwxEpp4mYHAfBv-q6xJuHhSdAy8ifcJCGBZkVoNutF5m8k9n2Do5Z1-Z7UaX6cNrxnJZ8SLjf2Eg9vhfEUlYgGbXr8k4vMxcLgASkQXw-j5FEaR62awmGuijHs5iuoA-MqVaG51J79p-Gq4PSraa8xaByKzH-ryKzWRH4A_OKwuaeFWDRE2JboahQv_Lf77LUjD4EZR-TZ2kOfUdyARN7rcWS5u8Ru7MDVnRu4xEAuORYKqWFeP_j6kuMPy6MheUdT70Czcc77gF01MIulqB7hrPyPsfwMPzZEbAE1ZUEAYshb2rfEK2KlPxvFmlqxODdDpyHfxk1D5NrtSyrs9gEL--dvdYADsh_04nwaa2EGps6dOJJNjMUlHJckGB3S15_QlWXBXZlv-M53G9xvHmDTE6cHYLRvHIX9SG8cP86Ogd0X9pIo4dOmEc81mwB3OOlgi3teUn4oin_m-PFu4jMcjzRI9M6jTJeTH26apFy-oZf0D6-K323PGv_o6p8GXinYmbmsqquxoMXEJ7WT28CNG2uVmY7DQaz9ZvowKpcDDD0XJja_U2AzBU5zxRsBvyziutcUtCmxGLEE0X809etoNW0wl8vUBGoA21-bD89XovKezQSaHVWMs_N3WgFP4ysVYf70TBTuE-YPFwk-OQSJ0lUXVAuW2F4Ts5eYBceGQo413WUF8f5T_xTgt26EBJK3vSgqotcF38cVJVvt-qyhAcFuGoWIVJhhIpeiFO4eS0AwQk0DXoYBhiiFS4q_v2C0sBFjWPLBIgdZa7AvLy_wKnA-oXoqG5luQ2G_nURjaiUtAZxIh6zNJBIU24QCGyIbivBvM5tkQfU0wtjCMwJwYmbz4sQhvFGXZ8mtCRyz3orxAetvXk37F_6k3QBqgJuB_Py0aaPDUjKLhMVISIOSISeIbXuEpbY9Jfj9mW8WPrx-1acTu1bsQKrLRlBg0gjlET0DlbF9L2wluD-g9CmOLvJp27zZU3PNHeMcvG1rdPMdCZcei-to92DcECOi7KjiTh_2oJmYkwOwumIiyDVfTC2P2craxfWzHVsAWWRN7g4CBE399WlNUqS2hSq0JbTbOn537eXZ48LIabZqidp8s7ckqLX7PMdSU37Db7BvXvY1tZdJDvg4HcyWxuPQWXx-i6cs0ao24iAup99cLGi7RWEphcqv3xnIzwWkqDAdPkj1aUPA2cqeQMi7IuxP2zQT4q69VJds1lzHZakybOU8rWnS0kezqK91dwZxcpmlyb_z_SPCdxZp1uDOOD0r06GcsiDrsP2YbIB0PRXbofmGfPKj-7s2YSSnC1Uv14so3G286VG-cMR0fF0hKNNH4XmxYMLK7WBo6yHjGlh9qiCzcnIJN2DCre-O3NjZtlA-1GglAcUFhcs_SLJ0TM6RQ9mNXgg4s6gxe308C53eJL32Dz2JNNmVHfEhiSHiA2O20caDCbJ4j6rD6SyaFEgZBOppNF3xN6xODwgPZWsOqh7SolSVPcIceJEuca_zHVqb96o8TnCCwQqBg4_NCMNj2oSza_Y2F71EZRrJYBjiwiw0cTIhkKYnwVEek_AKIguk4lfjahk222eJzkM3axW7UoXN3pb-LLlih0269cBDVdlpjEgxtFOoVhB6RuN6RNTOkQFMn74RhXCSqPybGBue-CLINhi7H-PYVO4CuxfDz6ADCcObA6aL3KA7_NP5y-lxU_07FS_fuXEKwjn9j8NfP3-Xp4VREpOc1dhy_08lWxZEjzjcPMmDTTblP4rX4zczUhr3rcAf3Qw2Xyt51PsaP6oZMGlkscX_DaJ4n9mUi4kM06ovgEvgJX10p5pYVgJ7O8Gvw_fI6oWRXa9uNv0lVVMM4kjEFUuVmDaS3zwpEmlw0bxz5bToOBuhqj0VQranSqAM-yQrKyJqvaqL6CNxn0hcyQ6BhdQys8zcnkv4NDO2kdrAQJj7RPyXRG6Pj1khMD4dj9ehX8iorizgsFHQhD1apwyqodaW8-6aoaTTM-CjL9CjgMLc-A0YGYul_YIvpwcjoMpKh_mJkc8tMBbJass8VqLthgkmxF7ZhMtUAoyZIooIX09HskhR9PTxC8TqHsg&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&rfl=2%2Chttps%253A%252F%252F2plus2.ua%252F%240

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb62b8801f88f71c80551430afacbbadf647cd1d717a3609205ce687cc667c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34788
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 47E3 3 KB
1 KB 130ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:14:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47E3 120 KB
37 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:20:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 47E3 15 KB
6 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:16:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 47E3 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpLIruuOBE_vWYE7KZHWARwH1dYe9SBlNRdEZW4ACI3CsQ44a93SQp-fXEjFQ0VzTEQ1rJ
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47E3 42 B
494 B 157ms
70ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfvQ2Eoe0a9xktvTCLG7vwn7bLvzc0iTBpqRDKkMltjVinezRu_5Y6wtzWBqaBy8XI_YXTFDd-tWC1i4grS7ljcvUO95FKoVouCu7iIxOFADr7uPw

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF0A 624 B
733 B 136ms
51ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiI15WzATAB&v=APEucNXFSLkXj5LlauaFBRMg777vTMJ_t_FQOHlF5X3vJxfwyeVKvCKZeHBQu8wqiC7TL_6mpQRYDmE3scJUY4TkDti1kG4JppFmhbRGAE7jXwFqlyOxJ4xV78Con73N0DBV_CnkVsGAAgQ2QrmDQuRNqjxyBb-or7MA77jBg1hsJ95UsvNuEW8

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5ED1 94 KB
34 KB 220ms
135ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMjs0my95xP86L7HoWta4mgDa0CZ2WL96aVKRpUM5l4J0IkC8DF34u44Ljkh67vD-fDFXuwLCn7x-5toerxOgwDeMLSl_6dsee_EkvO7qasm7Z3MTctZfS2mGxC0QNkFZvjUIkYscvjizvxkM79GfvwdvRug&dbm_d=AKAmf-BPnQ--GyQRr2P7XS6u5RBjfwrGiJqphzzM5wzRCGtaFj35-wh5X5lKxu4iPKRcY0LUL8Sa1FtlyOl1knTU_RNb56Q4WljEJi9kBJ1aZS0RNC-df5C-OByQjxKJiqAencc2HGjgN-A0eV7jbrimnsGnv4XPUK7kft6yRnIMRWIEcQsHd47jaNuSlDD2Ir4VWSFcRAxNImdbGQdU68AJhWcylqv0kTWNx_jET1esVqs8aUooTOtKMTccbycPq9Xwg7f5vudU3D5_zOToBZPUbjYYymL4-bxZG5KwxldMu_CHz6lrktU32h0YsKGSLMRvOS5Bm1hYwaOXZQ8N87yV1vxXNRYJW7WRyazKHQ73dMbPzdbsRnlR0VOxIKQT-w8xsOqjob2XZLxFyqqPAcvDZ6qXBjsaicTixdJi9Y7j40QpniKdfnoZHG1Ity7BhgfTZpw4PnbvcqKaknHoEDpd7J5jZlyXZeOQIEtGPy_rPbR3MMW94euxt8cxwugWlDLeH0fNANAFoavOsVSONJJwEy3Swu61qGrYIOLJpY4SIeRo40zKHScbWaBEUDrRrIRnEufCvopv331Xx6pvZ7O2x027bH_vyGsO58AI_oWWU7lAQM70v3zjMpDSruP7jCI4MsnaEDkyI86UU_ZBkfZ0aw6Fdm4dngBdfgx2-wwFKLXgEy4e0ZmeLqzWEX165e7uJHi7YcJQ-mtTycn5WH2ruJbNcgAummypUluQGgjSrfPPKKLsx3JM9aTBzK7CJnqBZCUIEtyMo5_pvv1Whdm1aJH5_lZWh180_CYxjtqBnyGNTEvsboJZAUgT5HlK-9HkfBxrNGpqMAK2ZAxopt5YwK50GMPpLbDZmEIWwjpDQmKMTgRTo3nszqsoi9Ca0L8WjJA2qb5jCxxA_vVFqQceu83NkJJipnE5BTGGJuuRrg2KgZyy0WrOdsB0_r4mZr1cWmlNxc94lv7KFZ93Ma8w2m7P_SYLAeui0VboR6JnXW8LUMRHejjiW646lSZH3HZox9nyBq5vTVVAbQR1a3_M52YMfRBenI28uXEmkKL3P_ThQWPvbVMiG-wYpfk6IJt6StENBoByQKvHhRKqsfVPXnAHXh0c6PP6szuEvMVZGJaE0SdOgtyYydJJ1DhAz3SHnTjOBg6w7nU4KcC20JwW_GZPjyuSQjJRK6M4iw27a-D-IQQxXKTQjX9KzpWeHu8wtPG8vK-X0TKXL8EXOI_sZa1OQk55z_XQL2Jy3NYNpWcxP3m682-LIkFHnEQdt1KWHDoNBQ3TgXimKm5tnDjePA9qJhpnmun_mQDErqucyYQMgpwudoUeM44WrnNcBMXhZqLPpxCrFQ-dcJcCO8ChZG_TBlLEV0LLbZNsY0phA_e72CemxKBFqHL3MNeYGv3uP_sbIGGy8UCnlgdcP0NwVv_0BPhgqaXV4oD5r7XBqAMmgqbpxIfYQqdMSiEs8R_lu2ZEAlIL5Low2vIbJwjW99ry7QeI3GIudfA1G1ITP8VVc0C1aXjR8zcTMtDyqAmYaYlqKUZ02wrfNy1Y0wy36OqNwdMhTh-3RITHQJ0m1A9j8Y_Rt3YGFElwCsWYInP5XVfKgwSy6kc4CAUY5naHbVNg7J5toax8JuuNOz_3BjmZGbcNL_6Pb0oNJvEvHXeMlBVBpCeIOsf8Z75Fp5Cxzofqr72uOnID6hR3a2V5FVfifOlYyg02bThtV49Gzbm7VS5uN7AFT61JiF40nebLQk5fGVeeClV8zE4lUsCA3FzXNgmr-JIZ49ec8a45Y1Ie7THAZKKOPkv_9AqpRrXQAxmdOh1IAHN6674izoKWoKSctqCVAYyP9LlbRW0tproMP44MVVjfsYrmvEjSxCmQLtOyozUWjxM1RhX3GrvWKToiB6S70NbFVfQ6DNS3X4tNbYhVpgQ3gRr-zPnOyZwfTysOZ0Qsqw1mYFT5rVxT9PyKLNOXnUrZzvoy6plh4VDg30Fes4HILrW5zAbV80kEySXicoKTbvyjWh7iEkWsiyhuOaWuDo1yKE_ltTjiEdKTZiWmqMWXYH8VbcqA-l25uiS75uNXKsX-ZkGKSnSlSIeTTrUaQwmLcAYKfYkJre_GH-4KanlIvgT8zclYS0IRJMGfRYWxnwuSNO4ZQ2HwZNjya7Ju9JldpTrSTZvsbSd_A5UNUbLB8NU-uOVTwHnOHeIPixocpvR_9YdwYCprx624iehEEFtnUOMv47NV-tYGZs1zeE8LDkhO-PybvI0gljqy6bwvvl8oDxO50WLSd5P4KyDF4-S3_2O2HmSs-wPf4nbOPfNIQYvOA73EAolrsFwkPOesXOiJpmtiklj5eb2Cy4Poqu0c-k7lDHCFxveL92cEsLqoPMoEw_bJeNMWMFueCNgQf2v6o-s5xNxATi5e8fCbpSDDJfMWVqK0ExwKakMs4xqYt_ughiQxgZKVBB7q0qSPEnkIu0oFXOp9Bnuk2fpxEpj3eFnOFDGkF75yp8TpNip--Ww6lEbYC-UPydjVVBU1I4mG3U1EUwQMO69pti9icMQoDvYQizFBgFyytAVfsrbihtr8P7BMCdTy9ZbXrN-JhW0aDJ2sNvlZ7LBtLo4HDybYOu1YKmcmjNJeLpnISUkGhvY9CSZZDCAdty2Gd2wAUIYzWXeVJ9DpCyAPi_8ZNpdgWFAQ6adMgjGsis_4pI77mydCKvUqPAY-AUQy6RBzkJTLCnn9DReCYEoHWndtrY7ciKhT66AvWSAnh65nmpIQhhXbhy61RbN_xnJorVIsX5co-YtcpuGCUu8Ehl6P7U7aLJO3i9hvmm5SdDIoHZW2RPrRC1m-v2WZnStSQJ3FRCfKL2Wb323MQmY_rYJyRxZrnVP9CGXdfs3uJjtveFjLuUiaJMiCux6Sd_X94od7ncI0KhhoiHWq2ImyR6-F8qBm5iChM7mFiHaWX_vO0n_WYNxvSPD2zA3HiyE7r1RqxnNfqivm1F9BF-2qAaP9w9xVShPWqL6qvpLPkgpPLDkPDFIbpvz2FQOTd551AILUzZRIGslNO6zimY1VtyRA2uRYbi0zKOeu3Jg3ePXXnXe5-YyNG9TQfu-ZbJ5YMeCKn5Q7kHwF9Ga-zV29g80WjpeZh5fLxfVzGh1B2_WfHDyO916wtZGafdGIE5GXyPHJ1SJuCgLQsBsBZcvrOQbBMcB1Vbw4ysUgWwkkTytBkWHaURrJ8XCCz6HXVWIyDVPhp7U74fKjPrKDApEYIqWyFSuWn2jw5fbZC6-r99xeS9d7wFZgl7eMQJN8o7IR5O920aAtapiUHTTbnTWqiuB1uBCVlN6riTab79RRZQf1jsk4rBTYnxfR098aA4GQEKqCXw&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&rfl=1%2Chttps%253A%252F%252F2plus2.ua%252F%240

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f251b8d9cb9dce33881d16be7107b98e191f0e720c2b749241f03c06f2c05ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ED1 42 B
107 B 154ms
70ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bt36aUaoNs3ZOpcUvJwumUADKsyBBhD3XUHgVAlHxM3XXHXJCHHUPZ85RxUVrhohi5N8DqtVAr7UThRvipYQi1Jh7vwgvY7o7spDyEmAUk5wE0xME

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 5ED1 3 KB
1 KB 125ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:14:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5ED1 120 KB
37 KB 180ms
96ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:20:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 5ED1 15 KB
6 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:16:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5ED1 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgBBC6RMUT0j6pC7yn09KZx-J2bzGs_dOP9O_B7fIYnF4AlVu_ffVpHyABxTj0HeLKJAES
Requested by: Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ Frame 4595 512 KB
512 KB 77ms
77ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
DATA 200
OK truncated
/ Frame 4595 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 4595 24 KB
24 KB 134ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 556357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:47:37 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 4595 44 KB
44 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 556507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:07 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 4595 22 KB
6 KB 59ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Tue, 03 May 2022 21:20:14 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2028930833&t=event&ni=1&_s=2&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=108kdim&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=1188064340.1651569613&tid=UA-3838466-26&_gid=925035109.1651569613&gtm=2wg4r0W2BBRKX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fal26fychxj%2Ffmiav4%2F108kdim&z=311421843

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80496
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 4844 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 4595 5 KB
2 KB 90ms
89ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/4844?cid=12XPPTDu&vct=3&_t75866466006
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 9a28fedf4a224ca7b3ef2e7cdf7ac33a4e5900aa47e391bdea0baea46e61bb18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BEA0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

185ms
104ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 03 May 2022 09:20:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ Frame 4595 32 KB
32 KB 88ms
88ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ Frame 4595 86 KB
87 KB 115ms
115ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ Frame 4595 59 KB
60 KB 99ms
99ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
images.1plus1.video/playlist-1/103957/ Frame 4595 74 KB
74 KB 89ms
87ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/103957/55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 03 Feb 2021 13:04:39 GMT
server: nginx
etag: "f6b24d693a392d33eccdd561badd41d4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 75576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
images.1plus1.video/playlist-1/7442/ Frame 4595 53 KB
53 KB 162ms
160ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7442/c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 23 Oct 2019 08:24:22 GMT
server: nginx
etag: "05c80966c5cb92f8fc27ec548a7ea448"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 54238
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/9960/ Frame 4595 14 KB
14 KB 98ms
96ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/9960/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:02:02 GMT
server: nginx
etag: "d341bae25e9d8c82ed89d493016581f7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14487
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
images.1plus1.video/playlist-1/7441/ Frame 4595 43 KB
43 KB 99ms
96ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7441/59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 26 Aug 2020 15:55:10 GMT
server: nginx
etag: "2a81b5e2906718ff87f0cab7caa5818e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 44174
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41106/ Frame 4595 13 KB
14 KB 89ms
87ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41106/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:17:14 GMT
server: nginx
etag: "0320d58c71f341a6792beac800431198"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13823
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 228b454045e09c310f5527498a6a5ce1.220x330.jpg
images.1plus1.video/playlist-1/120214/ Frame 4595 81 KB
82 KB 107ms
105ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/120214/228b454045e09c310f5527498a6a5ce1.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Mon, 08 Nov 2021 14:27:00 GMT
server: nginx
etag: "71bf4a961435d1e5ba11acad363e4916"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 83351
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 1757fcb6a34daa11f893254fee0138b4.220x330.jpg
images.1plus1.video/playlist-1/7446/ Frame 4595 42 KB
43 KB 88ms
86ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7446/1757fcb6a34daa11f893254fee0138b4.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 26 Aug 2020 15:50:23 GMT
server: nginx
etag: "f2333e2ee23e5c2e678d7020c404c167"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43372
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/10772/ Frame 4595 14 KB
14 KB 153ms
151ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/10772/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:02:21 GMT
server: nginx
etag: "26ad09546b4e87969d932db4f3ddc063"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13879
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/48/ Frame 4595 12 KB
12 KB 148ms
146ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/48/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 06:54:58 GMT
server: nginx
etag: "2fc219c3f164ac38c04373b9337a23ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11853
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/44376/ Frame 4595 14 KB
14 KB 145ms
144ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/44376/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:18:50 GMT
server: nginx
etag: "396db528b829a5251e8fc08d8ff63368"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14386
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/46079/ Frame 4595 16 KB
17 KB 154ms
152ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46079/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:19:12 GMT
server: nginx
etag: "49f87d8676cf58992125d43f8dfe90bd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16618
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
images.1plus1.video/playlist-1/659/ Frame 4595 37 KB
38 KB 143ms
141ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/659/12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 26 Jun 2020 10:56:32 GMT
server: nginx
etag: "e245ad3d562db3f3947df4042e215baa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38340
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
images.1plus1.video/playlist-1/126226/ Frame 4595 47 KB
47 KB 152ms
150ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/126226/56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Tue, 09 Mar 2021 11:43:06 GMT
server: nginx
etag: "63d497ab8c8f34bcf71c318a6f3101bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 48068
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 6377a284bdacb578df4878bc8331958f.220x330.jpg
images.1plus1.video/playlist-1/7444/ Frame 4595 42 KB
43 KB 178ms
176ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7444/6377a284bdacb578df4878bc8331958f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Wed, 26 Aug 2020 15:52:34 GMT
server: nginx
etag: "ffb806c41dc466bdf688de555519a6ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43433
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41551/ Frame 4595 9 KB
9 KB 139ms
137ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41551/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 27 Oct 2017 07:17:24 GMT
server: nginx
etag: "c6748e2cfd7e4055f74da8f1ff19ffa4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8833
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 03 May 2022 09:20:14 GMT
expires: Tue, 10 May 2022 09:20:14 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 4595 41 KB
11 KB 60ms
60ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11182
expires: Tue, 03 May 2022 21:20:14 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 4595 33 KB
13 KB 67ms
67ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 03 May 2022 09:20:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 02 Jun 2022 09:19:22 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4595 376 KB
126 KB 145ms
51ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128368
x-xss-protection: 0
expires: Tue, 03 May 2022 09:20:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1

43 B
1012 B

126ms
126ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiI15WzATAB&v=APEucNXFSLkXj5LlauaFBRMg777vTMJ_t_FQOHlF5X3vJxfwyeVKvCKZeHBQu8wqiC7TL_6mpQRYDmE3scJUY4TkDti1kG4JppFmhbRGAE7jXwFqlyOxJ4xV78Con73N0DBV_CnkVsGAAgQ2QrmDQuRNqjxyBb-or7MA77jBg1hsJ95UsvNuEW8
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 May 2022 09:20:14 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 03 May 2022 09:20:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF0A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnDzzkGTbhl1xl25GTGmOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1

43 B
892 B

81ms
81ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiI15WzATAB&v=APEucNXFSLkXj5LlauaFBRMg777vTMJ_t_FQOHlF5X3vJxfwyeVKvCKZeHBQu8wqiC7TL_6mpQRYDmE3scJUY4TkDti1kG4JppFmhbRGAE7jXwFqlyOxJ4xV78Con73N0DBV_CnkVsGAAgQ2QrmDQuRNqjxyBb-or7MA77jBg1hsJ95UsvNuEW8
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 May 2022 09:20:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame DF0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG4j_CuWrzNBZZCWVfISKwg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

43 B
1 KB

34ms
33ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiI15WzATAB&v=APEucNXFSLkXj5LlauaFBRMg777vTMJ_t_FQOHlF5X3vJxfwyeVKvCKZeHBQu8wqiC7TL_6mpQRYDmE3scJUY4TkDti1kG4JppFmhbRGAE7jXwFqlyOxJ4xV78Con73N0DBV_CnkVsGAAgQ2QrmDQuRNqjxyBb-or7MA77jBg1hsJ95UsvNuEW8

Protocol

HTTP/1.1

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 98d2c4fe-c7c7-4ce3-b6a6-82d7b6fc9962
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: abf41b7e-b509-4c25-810d-47969408fc8e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF0A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODgzOTEzOTA2NTM1MzQ1Nw%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODgzOTEzOTA2NTM1MzQ1Nw%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1cdef60c-a26d-487e-bfd4-eb056db496d9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODgzOTEzOTA2NTM1MzQ1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A54A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1

43 B
1012 B

123ms
123ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiB15WzATAB&v=APEucNWAsUl0Ffk8UdBkogRmh5AXVns9tA0kHsdurxwtBZ9tzvinYqu2bUUsdmihZls0CJU5MTyIef7kFz6-0sUB2o4CFC3e0HstsGQux8WN9dJpmN3BTyrXtcjEoK43uTcTRumUbbVj7JkSwtjclmgkQddfxosuy_4ZvMwVLIgRJjwG3pSzr3E
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 May 2022 09:20:14 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 03 May 2022 09:20:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A54A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnDzzkGTbhl1xl25GTGmOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1

43 B
892 B

78ms
77ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiB15WzATAB&v=APEucNWAsUl0Ffk8UdBkogRmh5AXVns9tA0kHsdurxwtBZ9tzvinYqu2bUUsdmihZls0CJU5MTyIef7kFz6-0sUB2o4CFC3e0HstsGQux8WN9dJpmN3BTyrXtcjEoK43uTcTRumUbbVj7JkSwtjclmgkQddfxosuy_4ZvMwVLIgRJjwG3pSzr3E
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 May 2022 09:20:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrkWv5e5bfwn0NBPRX6sMc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A54A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG4j_CuWrzNBZZCWVfISKwg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

43 B
1 KB

34ms
34ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBC3mejsAhiB15WzATAB&v=APEucNWAsUl0Ffk8UdBkogRmh5AXVns9tA0kHsdurxwtBZ9tzvinYqu2bUUsdmihZls0CJU5MTyIef7kFz6-0sUB2o4CFC3e0HstsGQux8WN9dJpmN3BTyrXtcjEoK43uTcTRumUbbVj7JkSwtjclmgkQddfxosuy_4ZvMwVLIgRJjwG3pSzr3E

Protocol

HTTP/1.1

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ec5b6998-5c3d-42fc-a52b-dc6acbbd1950
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f6b52fa-597a-420b-bc9f-92507a1021ca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG4j_CuWrzNBZZCWVfISKwg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A54A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjI1MDI5Mzg0MjI3NjU1NA%3D%3D

170 B
188 B

53ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjI1MDI5Mzg0MjI3NjU1NA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
X-Proxy-Origin: 5.187.21.110; 5.187.21.110; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 59c99b1e-721d-4085-86b7-bb34ff56d245
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNjI1MDI5Mzg0MjI3NjU1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 4595 281 B
353 B 60ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 2dd781ab7eb10be349902e8bccdfd6e76e0d5eac500f914bfa8a20467a3c24e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Thu, 02 Jun 2022 09:20:14 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3A64 5 KB
3 KB 55ms
55ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 414bacb3295683649bd61fe8b2cb624267dce08720c1b473ae17398ec198a155

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2716
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
etag: PRIVATE7520710249
expires: Thu, 02 Jun 2022 09:20:14 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 47E3 170 KB
59 KB 152ms
38ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Origin: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 10:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/ Frame 47E3 8 KB
3 KB 140ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3OtFTHk_LzdNYCPU66Z_hpKFv4hyb7h4HrxjWhCk_WFx73K8WJMffedpZHo6ca8ewlEwMAymINwb70K0hoqVjpSpBYLfc56ZG4MuGTwHfqrL3BQkBvaSM7LXrr3bSCVreKBWRAy79eOIfeikKqKJpnt0-1A&dbm_d=AKAmf-BnAGh1j-ohU50OrbmusU894T-uXT8LhqkNb6_GyLN88bRWvU6fFvdz127iKdHpk9qVMg7XOpXps3cnQsxiQHQdC6oSQ95cg_xl7c0elqmQQ-D_kX7L67lVU9WVT2nFi7avLnnR0lKMxvs1cRDmyJsSLv_NBu9FDPqgZT5xjnVHON3819pGiJlZAllnnaBjRy47l1J2NQcAAnpw9FdQd35ZT-6TQ8XeX-WuccLoaNDknpLQ9Go8Vna8NzNXzwmasFqERPHP2UQmOZ-WQSvblR4OFbePFCuciCF8fC9gvw09K3a8mYA1cgumyMIfIxfZYfy1DMJjUUxpTrAEkzldNxz-uf7EfSWeeP1IjjmhHYp5S-CX7vMe_eZhKn4YPvugAfttaps64gWfT2__u453k9bRDQ-uLFMIbCVqwBYIto0Z95uTIjABOE07oyEFPhSEhmaijZVe4QVOwqhLdXf6YiilhcKJPr0xcwog1bF5-AngZRoDH2VhbTRimM1QNqVx08BG7e_X-ukKe7ldDLArFEYrUig5n2IQcf--D8KBwSBTjYAuEtRbSzDyj-VtGe_v3pVzyyeoqqxSztbw6EtEXf2EovVWbFis8g8bnYXCX8nTZifPNciPfm3tZYBfU-sSRcQnaskxhKChQn3lCgcjt_gR14Q0h5qEHgZBk9LonS3p5uEXYWjosrH5R3sJvpgrqJQCMRlYjE7BdTH9JquwMVaZi3_3pWz-LFvI-ndvuuF-FMZLQNnhk82pb-Qinxqs0Em017pouckU7OVjtCjoWgzzHz-b9704Y-JdrZpeSi0f5JabgJBDnVDv-wwTGh7jyLEg_GGKL-Gi6ULbnNDEB9fHpbUal4pnKQqNZJXZ8a_FhWK1BHKuhg2H8kLI20UTa3XGcNfBS73gUzTTiiHa5EoiEwvTbrJUaGNtOw8YIPGcqAnHgS1i36Zgjzog6L_Z1XfIjmrLMMdUw48wCp09lb5y9HkbaX1KrMULFS9M0r_G-YtVQz1kir9KAdq4yCh3zEq9slv901sSfxpgM81-aMgGtJ35iQZ5DWL3J8k9hj0eHLFfgOI0IV-Da-SqfjNsPFMZlSK7Hyo1VNjKxkVP7ICRwpB2AirdiDpC4f9-nb33Ft8XrzS8IDfUtD-w3prSSgn2mlsSfm-7ev-tMilaCXApgGD4PNNNAOqM6snEADB-FjzaMdTjV4nSNLYXcUA8T8uPhvWkN5pCQ4C0n8B8Pj-VudVDHLjnw-CJG0h0u8XkiidLMEwxEpp4mYHAfBv-q6xJuHhSdAy8ifcJCGBZkVoNutF5m8k9n2Do5Z1-Z7UaX6cNrxnJZ8SLjf2Eg9vhfEUlYgGbXr8k4vMxcLgASkQXw-j5FEaR62awmGuijHs5iuoA-MqVaG51J79p-Gq4PSraa8xaByKzH-ryKzWRH4A_OKwuaeFWDRE2JboahQv_Lf77LUjD4EZR-TZ2kOfUdyARN7rcWS5u8Ru7MDVnRu4xEAuORYKqWFeP_j6kuMPy6MheUdT70Czcc77gF01MIulqB7hrPyPsfwMPzZEbAE1ZUEAYshb2rfEK2KlPxvFmlqxODdDpyHfxk1D5NrtSyrs9gEL--dvdYADsh_04nwaa2EGps6dOJJNjMUlHJckGB3S15_QlWXBXZlv-M53G9xvHmDTE6cHYLRvHIX9SG8cP86Ogd0X9pIo4dOmEc81mwB3OOlgi3teUn4oin_m-PFu4jMcjzRI9M6jTJeTH26apFy-oZf0D6-K323PGv_o6p8GXinYmbmsqquxoMXEJ7WT28CNG2uVmY7DQaz9ZvowKpcDDD0XJja_U2AzBU5zxRsBvyziutcUtCmxGLEE0X809etoNW0wl8vUBGoA21-bD89XovKezQSaHVWMs_N3WgFP4ysVYf70TBTuE-YPFwk-OQSJ0lUXVAuW2F4Ts5eYBceGQo413WUF8f5T_xTgt26EBJK3vSgqotcF38cVJVvt-qyhAcFuGoWIVJhhIpeiFO4eS0AwQk0DXoYBhiiFS4q_v2C0sBFjWPLBIgdZa7AvLy_wKnA-oXoqG5luQ2G_nURjaiUtAZxIh6zNJBIU24QCGyIbivBvM5tkQfU0wtjCMwJwYmbz4sQhvFGXZ8mtCRyz3orxAetvXk37F_6k3QBqgJuB_Py0aaPDUjKLhMVISIOSISeIbXuEpbY9Jfj9mW8WPrx-1acTu1bsQKrLRlBg0gjlET0DlbF9L2wluD-g9CmOLvJp27zZU3PNHeMcvG1rdPMdCZcei-to92DcECOi7KjiTh_2oJmYkwOwumIiyDVfTC2P2craxfWzHVsAWWRN7g4CBE399WlNUqS2hSq0JbTbOn537eXZ48LIabZqidp8s7ckqLX7PMdSU37Db7BvXvY1tZdJDvg4HcyWxuPQWXx-i6cs0ao24iAup99cLGi7RWEphcqv3xnIzwWkqDAdPkj1aUPA2cqeQMi7IuxP2zQT4q69VJds1lzHZakybOU8rWnS0kezqK91dwZxcpmlyb_z_SPCdxZp1uDOOD0r06GcsiDrsP2YbIB0PRXbofmGfPKj-7s2YSSnC1Uv14so3G286VG-cMR0fF0hKNNH4XmxYMLK7WBo6yHjGlh9qiCzcnIJN2DCre-O3NjZtlA-1GglAcUFhcs_SLJ0TM6RQ9mNXgg4s6gxe308C53eJL32Dz2JNNmVHfEhiSHiA2O20caDCbJ4j6rD6SyaFEgZBOppNF3xN6xODwgPZWsOqh7SolSVPcIceJEuca_zHVqb96o8TnCCwQqBg4_NCMNj2oSza_Y2F71EZRrJYBjiwiw0cTIhkKYnwVEek_AKIguk4lfjahk222eJzkM3axW7UoXN3pb-LLlih0269cBDVdlpjEgxtFOoVhB6RuN6RNTOkQFMn74RhXCSqPybGBue-CLINhi7H-PYVO4CuxfDz6ADCcObA6aL3KA7_NP5y-lxU_07FS_fuXEKwjn9j8NfP3-Xp4VREpOc1dhy_08lWxZEjzjcPMmDTTblP4rX4zczUhr3rcAf3Qw2Xyt51PsaP6oZMGlkscX_DaJ4n9mUi4kM06ovgEvgJX10p5pYVgJ7O8Gvw_fI6oWRXa9uNv0lVVMM4kjEFUuVmDaS3zwpEmlw0bxz5bToOBuhqj0VQranSqAM-yQrKyJqvaqL6CNxn0hcyQ6BhdQys8zcnkv4NDO2kdrAQJj7RPyXRG6Pj1khMD4dj9ehX8iorizgsFHQhD1apwyqodaW8-6aoaTTM-CjL9CjgMLc-A0YGYul_YIvpwcjoMpKh_mJkc8tMBbJass8VqLthgkmxF7ZhMtUAoyZIooIX09HskhR9PTxC8TqHsg&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&rfl=2%2Chttps%253A%252F%252F2plus2.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:12:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/ Frame 47E3 25 KB
10 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:14:02 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5ED1 170 KB
59 KB 164ms
82ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Origin: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 10:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/ Frame 5ED1 8 KB
3 KB 110ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMjs0my95xP86L7HoWta4mgDa0CZ2WL96aVKRpUM5l4J0IkC8DF34u44Ljkh67vD-fDFXuwLCn7x-5toerxOgwDeMLSl_6dsee_EkvO7qasm7Z3MTctZfS2mGxC0QNkFZvjUIkYscvjizvxkM79GfvwdvRug&dbm_d=AKAmf-BPnQ--GyQRr2P7XS6u5RBjfwrGiJqphzzM5wzRCGtaFj35-wh5X5lKxu4iPKRcY0LUL8Sa1FtlyOl1knTU_RNb56Q4WljEJi9kBJ1aZS0RNC-df5C-OByQjxKJiqAencc2HGjgN-A0eV7jbrimnsGnv4XPUK7kft6yRnIMRWIEcQsHd47jaNuSlDD2Ir4VWSFcRAxNImdbGQdU68AJhWcylqv0kTWNx_jET1esVqs8aUooTOtKMTccbycPq9Xwg7f5vudU3D5_zOToBZPUbjYYymL4-bxZG5KwxldMu_CHz6lrktU32h0YsKGSLMRvOS5Bm1hYwaOXZQ8N87yV1vxXNRYJW7WRyazKHQ73dMbPzdbsRnlR0VOxIKQT-w8xsOqjob2XZLxFyqqPAcvDZ6qXBjsaicTixdJi9Y7j40QpniKdfnoZHG1Ity7BhgfTZpw4PnbvcqKaknHoEDpd7J5jZlyXZeOQIEtGPy_rPbR3MMW94euxt8cxwugWlDLeH0fNANAFoavOsVSONJJwEy3Swu61qGrYIOLJpY4SIeRo40zKHScbWaBEUDrRrIRnEufCvopv331Xx6pvZ7O2x027bH_vyGsO58AI_oWWU7lAQM70v3zjMpDSruP7jCI4MsnaEDkyI86UU_ZBkfZ0aw6Fdm4dngBdfgx2-wwFKLXgEy4e0ZmeLqzWEX165e7uJHi7YcJQ-mtTycn5WH2ruJbNcgAummypUluQGgjSrfPPKKLsx3JM9aTBzK7CJnqBZCUIEtyMo5_pvv1Whdm1aJH5_lZWh180_CYxjtqBnyGNTEvsboJZAUgT5HlK-9HkfBxrNGpqMAK2ZAxopt5YwK50GMPpLbDZmEIWwjpDQmKMTgRTo3nszqsoi9Ca0L8WjJA2qb5jCxxA_vVFqQceu83NkJJipnE5BTGGJuuRrg2KgZyy0WrOdsB0_r4mZr1cWmlNxc94lv7KFZ93Ma8w2m7P_SYLAeui0VboR6JnXW8LUMRHejjiW646lSZH3HZox9nyBq5vTVVAbQR1a3_M52YMfRBenI28uXEmkKL3P_ThQWPvbVMiG-wYpfk6IJt6StENBoByQKvHhRKqsfVPXnAHXh0c6PP6szuEvMVZGJaE0SdOgtyYydJJ1DhAz3SHnTjOBg6w7nU4KcC20JwW_GZPjyuSQjJRK6M4iw27a-D-IQQxXKTQjX9KzpWeHu8wtPG8vK-X0TKXL8EXOI_sZa1OQk55z_XQL2Jy3NYNpWcxP3m682-LIkFHnEQdt1KWHDoNBQ3TgXimKm5tnDjePA9qJhpnmun_mQDErqucyYQMgpwudoUeM44WrnNcBMXhZqLPpxCrFQ-dcJcCO8ChZG_TBlLEV0LLbZNsY0phA_e72CemxKBFqHL3MNeYGv3uP_sbIGGy8UCnlgdcP0NwVv_0BPhgqaXV4oD5r7XBqAMmgqbpxIfYQqdMSiEs8R_lu2ZEAlIL5Low2vIbJwjW99ry7QeI3GIudfA1G1ITP8VVc0C1aXjR8zcTMtDyqAmYaYlqKUZ02wrfNy1Y0wy36OqNwdMhTh-3RITHQJ0m1A9j8Y_Rt3YGFElwCsWYInP5XVfKgwSy6kc4CAUY5naHbVNg7J5toax8JuuNOz_3BjmZGbcNL_6Pb0oNJvEvHXeMlBVBpCeIOsf8Z75Fp5Cxzofqr72uOnID6hR3a2V5FVfifOlYyg02bThtV49Gzbm7VS5uN7AFT61JiF40nebLQk5fGVeeClV8zE4lUsCA3FzXNgmr-JIZ49ec8a45Y1Ie7THAZKKOPkv_9AqpRrXQAxmdOh1IAHN6674izoKWoKSctqCVAYyP9LlbRW0tproMP44MVVjfsYrmvEjSxCmQLtOyozUWjxM1RhX3GrvWKToiB6S70NbFVfQ6DNS3X4tNbYhVpgQ3gRr-zPnOyZwfTysOZ0Qsqw1mYFT5rVxT9PyKLNOXnUrZzvoy6plh4VDg30Fes4HILrW5zAbV80kEySXicoKTbvyjWh7iEkWsiyhuOaWuDo1yKE_ltTjiEdKTZiWmqMWXYH8VbcqA-l25uiS75uNXKsX-ZkGKSnSlSIeTTrUaQwmLcAYKfYkJre_GH-4KanlIvgT8zclYS0IRJMGfRYWxnwuSNO4ZQ2HwZNjya7Ju9JldpTrSTZvsbSd_A5UNUbLB8NU-uOVTwHnOHeIPixocpvR_9YdwYCprx624iehEEFtnUOMv47NV-tYGZs1zeE8LDkhO-PybvI0gljqy6bwvvl8oDxO50WLSd5P4KyDF4-S3_2O2HmSs-wPf4nbOPfNIQYvOA73EAolrsFwkPOesXOiJpmtiklj5eb2Cy4Poqu0c-k7lDHCFxveL92cEsLqoPMoEw_bJeNMWMFueCNgQf2v6o-s5xNxATi5e8fCbpSDDJfMWVqK0ExwKakMs4xqYt_ughiQxgZKVBB7q0qSPEnkIu0oFXOp9Bnuk2fpxEpj3eFnOFDGkF75yp8TpNip--Ww6lEbYC-UPydjVVBU1I4mG3U1EUwQMO69pti9icMQoDvYQizFBgFyytAVfsrbihtr8P7BMCdTy9ZbXrN-JhW0aDJ2sNvlZ7LBtLo4HDybYOu1YKmcmjNJeLpnISUkGhvY9CSZZDCAdty2Gd2wAUIYzWXeVJ9DpCyAPi_8ZNpdgWFAQ6adMgjGsis_4pI77mydCKvUqPAY-AUQy6RBzkJTLCnn9DReCYEoHWndtrY7ciKhT66AvWSAnh65nmpIQhhXbhy61RbN_xnJorVIsX5co-YtcpuGCUu8Ehl6P7U7aLJO3i9hvmm5SdDIoHZW2RPrRC1m-v2WZnStSQJ3FRCfKL2Wb323MQmY_rYJyRxZrnVP9CGXdfs3uJjtveFjLuUiaJMiCux6Sd_X94od7ncI0KhhoiHWq2ImyR6-F8qBm5iChM7mFiHaWX_vO0n_WYNxvSPD2zA3HiyE7r1RqxnNfqivm1F9BF-2qAaP9w9xVShPWqL6qvpLPkgpPLDkPDFIbpvz2FQOTd551AILUzZRIGslNO6zimY1VtyRA2uRYbi0zKOeu3Jg3ePXXnXe5-YyNG9TQfu-ZbJ5YMeCKn5Q7kHwF9Ga-zV29g80WjpeZh5fLxfVzGh1B2_WfHDyO916wtZGafdGIE5GXyPHJ1SJuCgLQsBsBZcvrOQbBMcB1Vbw4ysUgWwkkTytBkWHaURrJ8XCCz6HXVWIyDVPhp7U74fKjPrKDApEYIqWyFSuWn2jw5fbZC6-r99xeS9d7wFZgl7eMQJN8o7IR5O920aAtapiUHTTbnTWqiuB1uBCVlN6riTab79RRZQf1jsk4rBTYnxfR098aA4GQEKqCXw&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&rfl=1%2Chttps%253A%252F%252F2plus2.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:12:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/ Frame 5ED1 25 KB
10 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220428/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 09:14:02 GMT

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1651569614422/ Frame 4595 2 B
201 B 58ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1651569614422/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1651569614722%7C_SP%3D12XPPTDu%7C_SPD%3D2plus2.ua%7C_SPV%3D100%7C_SPR%3D655x370%7C_SC%3D12XPPTDu%7CcurrentDomain%3D2plus2.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D4844%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D655x370%7C_SCT%3DChomu%20ne%20varto%20vikladati%20fotografiyi%20ukrayinskoyi%20tehniki%20ta%20vijskovih%20v%20internet%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DNWS_2P2%7C_SCD%3D210%7C_SCTE%3DVideo%7C_SCPD%3D20220223%7C_SCTY%3D12%2F00%7CcontentType%3Dnegative%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2F12XPPTDu%3Fautoplay%3D0%26l%3Dua%26logo%3Dplus2&ref=https%3A%2F%2F2plus2.ua%2F&screen=1600x1200r1000&col=24&window=655x370&ltime=80&lsdata=Qiogsce9eF5gwYwfVmv9zZMasloiUzz9vU776wi1P47.R7d24GamYNM.4UlZVdfrN5cswHKvjcs.W0QBd0h8penVt7qJ/nNpCfbSZtcpsF/&fpdata=-TURNEDOFF&vis=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Mon, 02 May 2022 09:20:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5ED1 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:39:52 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 47E3 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
URL: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:39:52 GMT

GET
DATA 200
OK truncated
/ Frame 47E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82c01b26d0f792f12965b3f465c2dfc0478a0bd63aecbc16e5fdfb2315198e36

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5ED1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15edf991a5ad8030b38e7922f76383ae95dd7db45666685447064f239cedc5d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
197 B 52ms
52ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458769/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 03 May 2022 09:20:14 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 bridge3.512.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame 17BE 631 KB
205 KB 120ms
40ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 479834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209646
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 20:03:00 GMT
expires: Thu, 27 Apr 2023 20:03:00 GMT
last-modified: Thu, 21 Apr 2022 16:19:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4595 44 KB
16 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 09:20:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4595 107 B
122 B 131ms
52ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 87C1 37 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 03 May 2022 09:47:12 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 35C7 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 67221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 14:39:53 GMT
expires: Tue, 02 May 2023 14:39:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2FAF 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 67221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 14:39:53 GMT
expires: Tue, 02 May 2023 14:39:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 creative.html Show response
s0.2mdn.net/sadbundle/4537377904274702336/980x90/ Frame D093 907 B
417 B 77ms
48ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e82e0ce80da3ce181167754918605832db26bbd638f21bae9dc7a6cbdf53e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 389
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
expires: Wed, 03 May 2023 09:20:14 GMT
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47E3 0
64 B 196ms
83ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUEhfPh3f7SXoo5E-iZNbo_-tC0X-WGlrR4_EbRzJl-YmavK8gJTqt5lowaHe9erxQ44e1IamNGr8Oq_cZFfR5GJUFBxAaWjwWZRDQ4fPd17UZhUNI-xrDRX1JUwkTp0czfBRBYTclWO6LGYYMtgMVl2ttGWPwgUaXXfDYl7iPveaQjyWkhiwhrkqWnLpHx7Wg6hrb46ECUuGXK67ZiGaGX5Wr5a-3IOgv7gPLLjcI0i8_LtKfNPAQVA-e_jDZUvfUuYooo8cA0grmmnY_tysxP6Knd_4CURxAwUHPyipnkRCpcwHbHXle498tEURK6oi2vbx0AKv9tX4o_EDf-CDhk59GDv8m1QrfHvRDUB5taDN8CZNft6uTCokUwSjfC2VKfIG9sxmR-I35nDe4WkW_FBDKYWnCH3SmcyHiem8mh_Pkv7XYdsNQe1I4ihKoi6UVBcaQyjMOP-wgnvQQnhActTR2wju03MOCiicD3jRjleNKB0OT25Szcme2aiPmiKwYCx-ha8JnW-0E_medPlFjNpcL-b4XzwxXPU1sese7sIm9OkxxYox3odQ2gyuiCY2vE5x1H81NsG_Oqt0UEEYUgb0oyBUj0oZYbagUJ6oJZkW7UH8j2gjR69PY7Xvp_qkgjDbVfli7l-9sca2qQ-35jGZysbgS0W_11-nzva6j9_uKNPorLcPdP04RRp9bDqHHOVwzST3-iOi_mENuSOGEQ4tiYPoPMILm5uDYsTACeEv0RrTeI6BlbL2WMcXnV_6DA5zcO7KkFhzuxUBDpLRB3CaaexsuSCk_vjjj9NRT8SVrOkEIdO0TaIr1ysywglm_vpx-fSW6VdoW454X8WMDk9JONZ66TAgZVo2ySBxB8Nn1wRkQIoYOOA7T8-36JR89xshdnLUdG6L7R_C-CUcK6sV3FfXf3RCuQGHDIOzbeZGicEfXvzVHpyM7uQtRU1TSAz76fAi_wBdiXEl-IVPtDlgBJI7wgpJfvMifP9HOwmhJUcW3PUluS0y1cGGlDljGxwcZ5I-E5541WEknjVycGdTulJ4l2YnQKAaxWY3PfvnQ7ZSN_nOnivWF490nIJVyEGZYxnJHfX70d_lbj9EFmXs2Hsy4W8UeLHxeFnLGX_7nISPcOoGJTYDtw7XjqUVR_TGk3KUEQuA7FCaRLQdCrR3KOlNxLK9v4TkV9xS8B2Q&sai=AMfl-YTofB2txehPYkBiyXYWbmPA9EeaMIt9FSNsySTPcOMYsTEMBTKt95jOace1cmyAzg_e-EIZBQ21nWzANQrwiF0u-VttW0snfsJr2XMnmPVpiTyGCzdWjzBZhaCjk0eT2CFfIHCKUXtX0AhH5OhG-ExZIVb18Qehq9uUpxDuE__DixQnJYeynGLuoHG1CV4qmM1VVvfspJVSd7OhvaWviNimqeMdVKdrrT_7AxqgWAUf&sig=Cg0ArKJSzGAXsgl_vUWnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=255&cisv=r20220428.82819&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 03 May 2022 09:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 creative.html Show response
s0.2mdn.net/sadbundle/13257486755633823744/ Frame C987 1 KB
473 B 65ms
48ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5089ebf7f8ca652e7a0153451389a00ab07d11d0b0028fe6ddfcef076fba0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 445
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
expires: Wed, 03 May 2023 09:20:14 GMT
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5ED1 0
622 B 185ms
82ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7wA4gga-21Q4CQpdRAFIonmi9Cbk2ZPbXmt0D0-EldhBPB5bsUIdC_mx2j-x3R0slColcFs-nDG6HKWnvfz6no2fIqzbhsB3yoxGndzCU1yeKo4ZAfNGsRh047MaovTIj-rDR8vWZP6T4ncKWdYVSpMxrBZXwVmYcpvWwlETP9FosVusR1FjPjEpfkJGe2UJqFH_ihZOsTqRNpV6COTyDn-H9f8J0kgT5MhEJmad1Ig8cmykz3ECWpePPyB7Vt4-hKTGEz7syU55TUrP2W1l1S7ooTXQcMTIlSlpYGmzplmakccJP9Kyq9MtL8IhgrKs8AYA9w3Wh7sLWLNBczGK_SGyv92a66hyOZtpUUrog2frK0Cpbl40UgRn1w99D1hT23CgDNghTfyc_EOQ8Mfx9MuMe9cP9R3OMUIbg5v-AQnW7oRni_i5VOCg2eGarV644bne-49hktvx6n9FQQ6gdFfItuAoXlOfGyXRAlpIoX7STXLmuwHZVpp30HrvOrRY456c0ZzOSGYue6Oay4DAVLZ4-qIPt9wNwFibVKg_p8vD9KoxGgrMnBXLzC_Q4AZztelDQ-SG9WxXjGCfvBo-X1IQ81wANrGENuS3Xs8C7UdsXwPIjYwSP_4kfJ0oEp-w9iC9ATQCWxXAh7fCQf8SpuhHfOvvBDNNuAmOdvE4HQr9SHDNQIkR7UrzaGLM-TtKZsVl0NpNja0rSejFWH5JQQgZfmGb8q6Ag3gvlo_GScJ6eLKyVCZVs1lFCiAdfVh6lABtKMi_KYVSjWczQUOjuQPJR-lUuU14TQxs4aB8KffcW-BiUanCFNj_BNjMYtjHhy3YSAvAX_qffsFRpdo5QJLlYw8Bh_yQ1JGcniK1MTY8VAxuBEF1xRTWD_iwNdKVUznR13AdM_jjHLD3g7SWTguywl31-oM3y8JtP8ALHMhHNJ3hYpisZ__bDChbEvEWvf4IJGIenBwwgYmlCdB6HQ6KSJX2ty71BDFQ0HywmRdVe-1EJA86cUG3PTEubIuAWko_9w6YTmS6NG1Tvv3JrZycLHTNpNyP2kNID8KhBAzqQuFML8Jk5cYEfJPsgB6FnYeV0Gt3g5-TFoxoJOqnAzd7jlhoON6Bd6nwQMNDI3oNNllW8NLUe92UDzNv7y3BNDJV7SWj9DUTn0K5xV8BWck4M3e7WO5ZwPl8tfke8CnxqI9g&sai=AMfl-YRxWJDMcsdzNne4imcw0F0kfwzCqqMOTnO6Yt-96UB1k7EsvXqcWVhjGBpDFFle30TDxoeF2YTyQe4TY2ChyZmbaNKrbHrX1tNBXeKBTBQg5JRqXYwTNN_IQNn1ZgEpG_8J6396D8lVCHtQX8jpYen2NENIE53Cm4m0aM2aaJ1_Ry4249b6pnakpzwM__wgXDv00owouC-EF6A2yQpritBepCpG1MSYpam0vMAUJyjb&sig=Cg0ArKJSzEgXSimlvNq2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=234&cisv=r20220428.81059&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 03 May 2022 09:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 35C7 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 23:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 May 2023 23:24:01 GMT

GET
H3 200 L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FAF 35 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 23:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 May 2023 23:24:01 GMT

GET
H3 200 initial.css
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/ Frame D093 2 KB
910 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/initial.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8923bc30cad516c2c834120416328544cd19e0895eca0bf23c9dd1fc4bf62aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 881
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 12:37:41 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D093 118 KB
40 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 18:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 18:54:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame D093 82 KB
29 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 06:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 06:31:02 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame D093 233 KB
63 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 06:26:16 GMT

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/ Frame D093 17 KB
3 KB 61ms
60ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4de5b6baafbf7b0b9855347f108191888234be438e06f49613927e178efa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2927
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 12:37:41 GMT

GET
H3 200 logo.jpg
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/ Frame D093 3 KB
3 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/logo.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 15:51:57 GMT
x-content-type-options: nosniff
age: 408497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2754
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 15:51:57 GMT

GET
H3 200 spinner.gif
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/ Frame D093 7 KB
7 KB 39ms
39ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/spinner.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:44:51 GMT
x-content-type-options: nosniff
age: 5723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6841
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 07:44:51 GMT

GET
H3 200 initial.css
s0.2mdn.net/sadbundle/13257486755633823744/assets/css/ Frame C987 2 KB
1008 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/initial.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e15c4552956ffe977ef5ec2483b3ab95cc0c73fbec1df597a9a8ab557082b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:46:56 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C987 118 KB
40 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 18:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 18:54:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame C987 82 KB
29 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 06:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 06:31:02 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame C987 233 KB
62 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 06:26:16 GMT

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/13257486755633823744/assets/js/ Frame C987 17 KB
3 KB 62ms
62ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4613197e4af367199f6835b609e010eb3e5256f982cd18671688fa08e722f83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3154
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:46:56 GMT

GET
H3 200 logo.jpg
s0.2mdn.net/sadbundle/13257486755633823744/assets/images/ Frame C987 3 KB
3 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/images/logo.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 20:54:12 GMT
x-content-type-options: nosniff
age: 217562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2754
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 20:54:12 GMT

GET
H3 200 spinner.gif
s0.2mdn.net/sadbundle/13257486755633823744/assets/images/ Frame C987 7 KB
7 KB 40ms
40ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/images/spinner.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:46:56 GMT
x-content-type-options: nosniff
age: 88398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6841
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:46:56 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 205ms
205ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame 17BE 753 B
1 KB 85ms
84ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=2plus2.ua&r=YUhSMGNITTZMeTh5Y0d4MWN6SXVkV0V2&w=655&h=370&c=12XPPTDu&d=web&p1v=0&pid=4844
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 1f4c8e17bff3797ed97f1363f741abcf3a47e93630a83c5efd8ac31be60a03f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 May 2022 09:20:14 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47E3 0
26 B 158ms
77ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUEhfPh3f7SXoo5E-iZNbo_-tC0X-WGlrR4_EbRzJl-YmavK8gJTqt5lowaHe9erxQ44e1IamNGr8Oq_cZFfR5GJUFBxAaWjwWZRDQ4fPd17UZhUNI-xrDRX1JUwkTp0czfBRBYTclWO6LGYYMtgMVl2ttGWPwgUaXXfDYl7iPveaQjyWkhiwhrkqWnLpHx7Wg6hrb46ECUuGXK67ZiGaGX5Wr5a-3IOgv7gPLLjcI0i8_LtKfNPAQVA-e_jDZUvfUuYooo8cA0grmmnY_tysxP6Knd_4CURxAwUHPyipnkRCpcwHbHXle498tEURK6oi2vbx0AKv9tX4o_EDf-CDhk59GDv8m1QrfHvRDUB5taDN8CZNft6uTCokUwSjfC2VKfIG9sxmR-I35nDe4WkW_FBDKYWnCH3SmcyHiem8mh_Pkv7XYdsNQe1I4ihKoi6UVBcaQyjMOP-wgnvQQnhActTR2wju03MOCiicD3jRjleNKB0OT25Szcme2aiPmiKwYCx-ha8JnW-0E_medPlFjNpcL-b4XzwxXPU1sese7sIm9OkxxYox3odQ2gyuiCY2vE5x1H81NsG_Oqt0UEEYUgb0oyBUj0oZYbagUJ6oJZkW7UH8j2gjR69PY7Xvp_qkgjDbVfli7l-9sca2qQ-35jGZysbgS0W_11-nzva6j9_uKNPorLcPdP04RRp9bDqHHOVwzST3-iOi_mENuSOGEQ4tiYPoPMILm5uDYsTACeEv0RrTeI6BlbL2WMcXnV_6DA5zcO7KkFhzuxUBDpLRB3CaaexsuSCk_vjjj9NRT8SVrOkEIdO0TaIr1ysywglm_vpx-fSW6VdoW454X8WMDk9JONZ66TAgZVo2ySBxB8Nn1wRkQIoYOOA7T8-36JR89xshdnLUdG6L7R_C-CUcK6sV3FfXf3RCuQGHDIOzbeZGicEfXvzVHpyM7uQtRU1TSAz76fAi_wBdiXEl-IVPtDlgBJI7wgpJfvMifP9HOwmhJUcW3PUluS0y1cGGlDljGxwcZ5I-E5541WEknjVycGdTulJ4l2YnQKAaxWY3PfvnQ7ZSN_nOnivWF490nIJVyEGZYxnJHfX70d_lbj9EFmXs2Hsy4W8UeLHxeFnLGX_7nISPcOoGJTYDtw7XjqUVR_TGk3KUEQuA7FCaRLQdCrR3KOlNxLK9v4TkV9xS8B2Q&sai=AMfl-YTofB2txehPYkBiyXYWbmPA9EeaMIt9FSNsySTPcOMYsTEMBTKt95jOace1cmyAzg_e-EIZBQ21nWzANQrwiF0u-VttW0snfsJr2XMnmPVpiTyGCzdWjzBZhaCjk0eT2CFfIHCKUXtX0AhH5OhG-ExZIVb18Qehq9uUpxDuE__DixQnJYeynGLuoHG1CV4qmM1VVvfspJVSd7OhvaWviNimqeMdVKdrrT_7AxqgWAUf&sig=Cg0ArKJSzGAXsgl_vUWnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=617&vt=11&dtpt=356&dett=3&cstd=255&cisv=r20220428.82819&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D093 7 KB
6 KB 133ms
53ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f6b48bc75aec4cbc56ce525a287844e832f01c262d4d64eccbd195a7f86d2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5640
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C987 7 KB
5 KB 129ms
57ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

799af27d5651a4bdd3bcd6c4a27a85c5598a0853cbff1cc1c88a92bb5b3b6575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5462
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5ED1 0
26 B 132ms
76ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7wA4gga-21Q4CQpdRAFIonmi9Cbk2ZPbXmt0D0-EldhBPB5bsUIdC_mx2j-x3R0slColcFs-nDG6HKWnvfz6no2fIqzbhsB3yoxGndzCU1yeKo4ZAfNGsRh047MaovTIj-rDR8vWZP6T4ncKWdYVSpMxrBZXwVmYcpvWwlETP9FosVusR1FjPjEpfkJGe2UJqFH_ihZOsTqRNpV6COTyDn-H9f8J0kgT5MhEJmad1Ig8cmykz3ECWpePPyB7Vt4-hKTGEz7syU55TUrP2W1l1S7ooTXQcMTIlSlpYGmzplmakccJP9Kyq9MtL8IhgrKs8AYA9w3Wh7sLWLNBczGK_SGyv92a66hyOZtpUUrog2frK0Cpbl40UgRn1w99D1hT23CgDNghTfyc_EOQ8Mfx9MuMe9cP9R3OMUIbg5v-AQnW7oRni_i5VOCg2eGarV644bne-49hktvx6n9FQQ6gdFfItuAoXlOfGyXRAlpIoX7STXLmuwHZVpp30HrvOrRY456c0ZzOSGYue6Oay4DAVLZ4-qIPt9wNwFibVKg_p8vD9KoxGgrMnBXLzC_Q4AZztelDQ-SG9WxXjGCfvBo-X1IQ81wANrGENuS3Xs8C7UdsXwPIjYwSP_4kfJ0oEp-w9iC9ATQCWxXAh7fCQf8SpuhHfOvvBDNNuAmOdvE4HQr9SHDNQIkR7UrzaGLM-TtKZsVl0NpNja0rSejFWH5JQQgZfmGb8q6Ag3gvlo_GScJ6eLKyVCZVs1lFCiAdfVh6lABtKMi_KYVSjWczQUOjuQPJR-lUuU14TQxs4aB8KffcW-BiUanCFNj_BNjMYtjHhy3YSAvAX_qffsFRpdo5QJLlYw8Bh_yQ1JGcniK1MTY8VAxuBEF1xRTWD_iwNdKVUznR13AdM_jjHLD3g7SWTguywl31-oM3y8JtP8ALHMhHNJ3hYpisZ__bDChbEvEWvf4IJGIenBwwgYmlCdB6HQ6KSJX2ty71BDFQ0HywmRdVe-1EJA86cUG3PTEubIuAWko_9w6YTmS6NG1Tvv3JrZycLHTNpNyP2kNID8KhBAzqQuFML8Jk5cYEfJPsgB6FnYeV0Gt3g5-TFoxoJOqnAzd7jlhoON6Bd6nwQMNDI3oNNllW8NLUe92UDzNv7y3BNDJV7SWj9DUTn0K5xV8BWck4M3e7WO5ZwPl8tfke8CnxqI9g&sai=AMfl-YRxWJDMcsdzNne4imcw0F0kfwzCqqMOTnO6Yt-96UB1k7EsvXqcWVhjGBpDFFle30TDxoeF2YTyQe4TY2ChyZmbaNKrbHrX1tNBXeKBTBQg5JRqXYwTNN_IQNn1ZgEpG_8J6396D8lVCHtQX8jpYen2NENIE53Cm4m0aM2aaJ1_Ry4249b6pnakpzwM__wgXDv00owouC-EF6A2yQpritBepCpG1MSYpam0vMAUJyjb&sig=Cg0ArKJSzEgXSimlvNq2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=607&vt=11&dtpt=370&dett=3&cstd=234&cisv=r20220428.81059&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&RedC=c.clarity.ms&MXFR=2E142F1DC9F56BE135993E84CDF5651D
https://c.clarity.ms/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&MUID=03F5168D576463DB3710071456076267

42 B
368 B

37ms
37ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&MUID=03F5168D576463DB3710071456076267
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43A555A7842E489FB7A58825734309D0 Ref B: LTSEDGE1014 Ref C: 2022-05-03T09:20:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=CC75FAD5CCD84471958AA0AC9F673801&MUID=03F5168D576463DB3710071456076267
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 120ms
63ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2738ba67c621eb3358507c6322fb7ef3a26e309f6aac919a0e014397fe001f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 275F 14 KB
6 KB 108ms
39ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:14 GMT
server-processing-duration-in-ticks: 2050
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 style.css
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/ Frame D093 22 KB
2 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7915288c6aa2217da8a06f3dde2a32afa68281b10c7215130f64057db060d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2436
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 07:44:51 GMT

GET
H3 200 jquery.textfit.min.js Show response
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/ Frame D093 1 KB
677 B 41ms
40ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/jquery.textfit.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 15:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 648
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 15:51:57 GMT

GET
H3 200 nhdynamic.js Show response
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/ Frame D093 36 KB
6 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/nhdynamic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753d27a5b343eb9b0f4352b332917973b9b4b2a35abd8f4c8d20d2245a84b0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 15:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5743
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 15:51:57 GMT

GET
H3 200 youtubeApi.js Show response
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/ Frame D093 1 KB
474 B 41ms
40ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/youtubeApi.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 07:44:51 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13257486755633823744/assets/css/ Frame C987 38 KB
3 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2497deef4e5817714307172348fd769450ff768ae44786d90eff608deb4207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3307
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:46:57 GMT

GET
H3 200 nhdynamic.js Show response
s0.2mdn.net/sadbundle/13257486755633823744/assets/js/ Frame C987 32 KB
5 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/nhdynamic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81979f14d2642e23f5e528631a42caf71e2da909e3605a5324dda52cba304d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 17:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5410
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 17:19:51 GMT

GET
H3 200 youtubeApi.js Show response
s0.2mdn.net/sadbundle/13257486755633823744/assets/js/ Frame C987 1 KB
474 B 42ms
41ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/youtubeApi.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 20:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 20:54:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FAF 0
20 B 80ms
78ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZCkAzvNwYtH3C9Wt3gPk45aIBAAAAAA4AeAEAg&bg=!TE-lTwvNAAZNIUvJbSE7ACkAdvg8WkPJQc-HYZZovtVz5fpJHTkNwCc_3n1tQkLJJBeqX1_uR4noQQIAAAEbUgAAAANoAQeZAy2Wn8nw4S7fJLwJUCS0xV_TWO9M7LKQZxDz-H_yG41aYLT3R6NwUDrs8W9arbKD3F3_c-bqR0dsLvBLHNd2WDmtWyO5TkEPWxwqRcL1VToZv85Q_t_eCorln8JWyWyLIjHuL3hPAw1A8mq_aDQ-_WKciPx5yinchUKbZDXyplZMYnWX-w4jvxWziD2He2MbcVxy_DktQniPyNXjlJLI66yRUrDIcavFjzWZtTsEWj2OpFFUfyPBIfz6Q-VZQjvThSRnCeOMkKaD1sLy5edXJsObyrWz66xGE2nTVKjPSxqzJDbQGUsfuWvo5yqsmGqSvqK5d8qXV_1B67Zs-IgTZZ_wmcm7xARWoaywd86JK15QHxcyetb8Z8rlWG4yw7DtNafe8Fvqp4yAj3j5pBqpaeq7eIOsCsYEdv6NpD-uWoaA84zy4YVt3WLoDjmQjnL8r37tdjLmIahpBudFdCeIT4YLX_cay5Ne3r4NDl09FvlN7KE3-KMXvbg8x9MErPqlluX63nNsEvNq1KELAnemwugOt3gXK0W697V_y5_6rnZC-TRTRuZ2aU_IWgsqm9Uv2gyBLl_FCtLZ75uzoXRl5Khsy4MDShMFixfKVeiVKkV-q6zEWNDau73zrpTYY5cKseWq31so9K2f6EdmBe_elG-FjUe3FJN5DTy6mUPawWfTEuR1v2tIl9G9HIy5vbJYtwuSVEXEs7Vm-_y16c1CRMUVBz_Wk7_9Al3O6-pPopLwJmORcRqocnRmOfsGwRvCkcSyihUtK2-yPFkeLzNSuE_CWlAIg7PVlHwOV8W1XLGFrbADyQdg_pDpti9kl7BP3WHdaG7smQWKBhgA0bX85-n8Vvt7kePbyNvUhFXeHO0Otk2Hwq6i1IcGe5BwdzMhAdjidk-ucOl8divlYH3kLZjEnAQ2BOGfp0QNF3t5IxHccHtlyra4Ivk_PltfWc8TQpv4TLGIcQSPJ_pd4qjC2pmVdhdaXWMXaFNDQ-FfWG_DCjDfUhRPWtL1o1eJNeSrN7QE8_8gahU5szkJmFlN307xMF8NzuPSaz8DkTnVXrlIwYc6jQwNJ42h9oRepdI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame D093 980 B
806 B 146ms
61ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/js/youtubeApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24c20afcfcae6b8d263d90aaa9f6fc4d73ce39ff65bfbb3c99ceea042f67c6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 03 May 2022 09:20:15 GMT

GET
H3 200 63009_20220325045512315_background_980x90_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D093 28 KB
28 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045512315_background_980x90_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e7181ef3d1b31ca4e35d1f1a0a4be9aa4b027a4d19ee9681ff728ae7563ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:31 GMT
x-content-type-options: nosniff
age: 344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28433
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:55:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 09:14:31 GMT

GET
H3 200 63009_20220325045515289_background_980x90_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D093 28 KB
28 KB 137ms
137ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045515289_background_980x90_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e7181ef3d1b31ca4e35d1f1a0a4be9aa4b027a4d19ee9681ff728ae7563ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:31 GMT
x-content-type-options: nosniff
age: 344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28433
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:55:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 09:14:31 GMT

GET
H3 200 63009_20220325045518131_background_980x90_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D093 28 KB
28 KB 138ms
137ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045518131_background_980x90_3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e7181ef3d1b31ca4e35d1f1a0a4be9aa4b027a4d19ee9681ff728ae7563ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:14:31 GMT
x-content-type-options: nosniff
age: 344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28433
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:55:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 09:14:31 GMT

GET
H3 200 GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/fonts/ Frame D093 80 KB
80 KB 42ms
42ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/fonts/GothamNarrow-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 15:51:57 GMT
x-content-type-options: nosniff
age: 408498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81884
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 15:51:57 GMT

GET
H3 200 GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/fonts/ Frame D093 81 KB
81 KB 46ms
46ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/fonts/GothamNarrow-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 15:51:57 GMT
x-content-type-options: nosniff
age: 408498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82744
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 15:51:57 GMT

GET
H3 200 flecha.png
s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/ Frame D093 1 KB
1 KB 140ms
140ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/assets/images/flecha.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4537377904274702336/980x90/creative.html?e=69&leftOffset=0&topOffset=0&c=ylLLqaiUMC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:44:51 GMT
x-content-type-options: nosniff
age: 5724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:17:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 07:44:51 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 7896 0
139 B 56ms
56ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame EA3B 0
139 B 56ms
54ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame BAF0 0
139 B 55ms
53ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame EBBA 0
139 B 56ms
55ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame BB1A 0
139 B 55ms
54ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22d7d48cc1-6e44-4292-b809-7a99e28e983f%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965093%2C%22cost%22%3A0.000859951%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223e2d6bba-85f5-49f6-b7ce-6322715babdc%22%7D%2C%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000810185%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%224de889b5-1fb9-49b4-8cf5-b813b7d4501b%22%7D%2C%7B%22ad_id%22%3A987710%2C%22cost%22%3A0.000543109%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c825b40e-22d7-4537-b8fc-32c0c190ef49%22%7D%2C%7B%22ad_id%22%3A989137%2C%22cost%22%3A0.000528751%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228e72179c-ef48-48f4-b0f4-bdcb955921cb%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C7 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfOHwzvNwYuuADKaM3gPdqKuIDAAAAAA4AeAEAg&bg=!8vGl8bXNAAZNIUvJbSE7ACkAdvg8WqPxI9AFGhbatt-XA9shv-KeW671tk8FnAeVlnnHtn02wgBnMAIAAAFGUgAAAAJoAQeZAuPB6PlLPhN_bPd0qzDY9YkGcQ-mSkc4lyoiVUxN13FPmSHlfBwSfmQLLANjWE_oX_VdFwk2lfjRvxDj1Vl6N-14ax24F37AO-CW-nHHKNlwVcOEvAAYdQPOiZw92Ebb91AkRz43GVb82wIpGcv3ovoEAKJQP0GBLdGM8BtHWUCbpw2hE9WkrEulSLhxbbnrVW7XhmdqXe4tUWsbLYzkfa4ekqjvCxC-kSIiYxFjLX0W5BPTtSK-fO6lsIKg-ozL6c697I6K1NaknTitudEcZw53IrzJg39RtTLBOiJ5NUr_sJSJaapPUpouDbU_42ZFlBdjrWYxOSmPajGYyLiIJ2VOg-RPV7rtf0LQVvHemEOiY5ttRZqJvPjVIjnh40COay1nY-HJnZ3PD89HZE4lH5mGIJEHLLlPlWN95JzhTy08U1vaE6npDSlhcfYKArNw2GEcegE_cBxnLfEi2yNOxFAQKgPzwhX5QhjNofNDEDYRcjg7K53xUqWyl4prJXn5CN0tqnYKxEbKdnErR9izBrT0iipu3dj2xGfB-UChymH0R_0N5i1pxOGq4GdyfcZqMOuf22GWmJ8uSfc8nBhE6Z2PGNL2_CmbNTFUZc6Kx9pMnhEbsc_7ZeBr8aztLlH0dnnYQ-8gcUXdgTBoN1-PCv7IXuDmDjRjM4hXNGSGqCzr7ey8aKSBvYPz85knF3rHnKaRO7S0Bzt-_MjPuf25-F7rO1Vi8wFFoG-GnbEGNY6_rrCCIWBMMi-okXZYmEHlgD7TDD_vMvGCbz1rLWIgm84FaVbW4Yx5Lca270uq8lGcZYT8z6K6K5gQss8V__TpV1b86_cAsIehFtGQeB30tTSdMgQzlGbPpydzIBusC6I79ClcC4ME-ZjrSFtnGwpg5dKqPzXhk3B4JRPQ1D2oTjBq67LF6ahWh4ihRlFDTcDK57iMVn81wKI7JXtTCzilcFwwb1dP2Os5xZ6XDTo-uZ5umlUo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C987 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:20:15 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame C987 980 B
2 KB 76ms
56ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/js/youtubeApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24c20afcfcae6b8d263d90aaa9f6fc4d73ce39ff65bfbb3c99ceea042f67c6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 03 May 2022 09:20:15 GMT

GET
H3 200 63009_20220325045341299_background_300x250_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame C987 41 KB
41 KB 118ms
118ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045341299_background_300x250_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7559277c95fdb841965396b8b5340113d8cab8a3b029f75bcfddb847644876a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 04:53:11 GMT
x-content-type-options: nosniff
age: 16024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41659
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:53:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 04:53:11 GMT

GET
H3 200 63009_20220325045344397_background_300x250_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame C987 41 KB
41 KB 121ms
121ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045344397_background_300x250_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7559277c95fdb841965396b8b5340113d8cab8a3b029f75bcfddb847644876a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 04:53:11 GMT
x-content-type-options: nosniff
age: 16024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41659
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:53:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 04:53:11 GMT

GET
H3 200 63009_20220325045347378_background_300x250_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame C987 41 KB
41 KB 124ms
123ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045347378_background_300x250_3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7559277c95fdb841965396b8b5340113d8cab8a3b029f75bcfddb847644876a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 04:53:11 GMT
x-content-type-options: nosniff
age: 16024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41659
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:53:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 May 2022 04:53:11 GMT

GET
H3 200 GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/13257486755633823744/assets/fonts/ Frame C987 80 KB
80 KB 62ms
60ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/fonts/GothamNarrow-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:48:01 GMT
x-content-type-options: nosniff
age: 88334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81884
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:48:01 GMT

GET
H3 200 GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/13257486755633823744/assets/fonts/ Frame C987 81 KB
81 KB 64ms
62ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/fonts/GothamNarrow-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:48:01 GMT
x-content-type-options: nosniff
age: 88334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82744
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:48:01 GMT

GET
H3 200 flecha.png
s0.2mdn.net/sadbundle/13257486755633823744/assets/images/ Frame C987 1 KB
1 KB 110ms
109ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13257486755633823744/assets/images/flecha.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13257486755633823744/creative.html?e=69&leftOffset=0&topOffset=0&c=98EVoVlnAK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 08:46:57 GMT
x-content-type-options: nosniff
age: 88398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 08:46:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D093 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:20:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:20:15 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 275F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=Xt91V3x6cFRuN1lnbjBJZmNraHpnQVRQVWFyTXdRSGV1ZU9ucWt0MXlMSDFjQnFWZlhpUFBoZlg1eUg0em0wWHBQak9lUStlYWFyL2RVWkVScnpxblFoN1Iyb3FUUTBiZjRGYUlPTEhBV0VlUVkwWktsc3hScldBUmV5V0...

441 B
641 B

140ms
37ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Xt91V3x6cFRuN1lnbjBJZmNraHpnQVRQVWFyTXdRSGV1ZU9ucWt0MXlMSDFjQnFWZlhpUFBoZlg1eUg0em0wWHBQak9lUStlYWFyL2RVWkVScnpxblFoN1Iyb3FUUTBiZjRGYUlPTEhBV0VlUVkwWktsc3hScldBUmV5V0d1MDc1dGM1bGVqWnZlZFBHdksrZ3pJZG8rYmVRN1h4U0Q5T1FBUXlQY056RGJBSXV5N21Mb3lrSGxZZWc5c01KRURzaFpmaWJnRURNZGduWlVUa3hzTmRESHFOR1BMUFZQSVpKekFnWWFkKytvWkcrblRGYXAxeGZSb21XT3JSbW5PUnlHUXRrbGlRUk1DeW1nZE1QMklrMHNQQjFMZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ad91aca1b613fb264a07497ce3ecb9bc81fafdff7e5124ca6d458a9b56471b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4437
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:14 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Xt91V3x6cFRuN1lnbjBJZmNraHpnQVRQVWFyTXdRSGV1ZU9ucWt0MXlMSDFjQnFWZlhpUFBoZlg1eUg0em0wWHBQak9lUStlYWFyL2RVWkVScnpxblFoN1Iyb3FUUTBiZjRGYUlPTEhBV0VlUVkwWktsc3hScldBUmV5V0d1MDc1dGM1bGVqWnZlZFBHdksrZ3pJZG8rYmVRN1h4U0Q5T1FBUXlQY056RGJBSXV5N21Mb3lrSGxZZWc5c01KRURzaFpmaWJnRURNZGduWlVUa3hzTmRESHFOR1BMUFZQSVpKekFnWWFkKytvWkcrblRGYXAxeGZSb21XT3JSbW5PUnlHUXRrbGlRUk1DeW1nZE1QMklrMHNQQjFMZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1760
content-length: 541
expires: 0

GET
H3 200 L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js Show response
pagead2.googlesyndication.com/bg/ Frame DDE4 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 23:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 May 2023 23:24:01 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/ Frame C987 154 KB
50 KB 121ms
41ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
last-modified: Mon, 02 May 2022 00:13:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 May 2023 08:00:31 GMT

GET
H3 200 L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BCE 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 23:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 May 2023 23:24:01 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/ Frame D093 154 KB
50 KB 114ms
40ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dfe7ea14/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
last-modified: Mon, 02 May 2022 00:13:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 May 2023 08:00:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB09 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:17:47 GMT
expires: Wed, 03 May 2023 09:17:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49A0 783 B
535 B 48ms
48ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

68f8b1f76b2a4907c4fe8ec6bbabe02c0e331a3234e959c379b5ba731aa85451

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PJz0BGnnHzdNYzyBs6/hZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PJz0BGnnHzdNYzyBs6/hZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 09:20:15 GMT
expires: Tue, 03 May 2022 09:20:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49A0 0
0 90ms
90ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042801&jk=2308176489802007&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js Show response
pagead2.googlesyndication.com/bg/ Frame DB09 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 23:24:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 May 2023 23:24:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DB09 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8vPm8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:20:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47E3 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjMsbzvVtKXzYZC0DyDE9WCYzk0OExehQMapZ0YbqfLoLzRozZjwzgAoSmRP-g0T0mLv9DHPziP8jiT8_N_Esybp9uFKu19vWbWJsCFsC8LelAQywmCzSh0wtj&sai=AMfl-YQ7xMrC5IoQ_Bz7PnOu15JwtjP5rtCpV-DZRt8an8gI25V9X8qnZ3GIvlx7v13QvYGYWAEGygbkVOdeLbaP4jF4OIIzMpu398J8F1O5Vw&sig=Cg0ArKJSzA_ra5vF5lnTEAE&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&id=lidar2&mcvt=1014&p=1020,80,1110,1060&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3172664935&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651569614071&rpt=415&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5ED1 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6HduxOnk23WUkrpdpboiCR6QcAsK3ojGMAuXsiiCmgGxbhzdD6yLT19GpRgVYBqkmrVqDDLOWP73spcya5Sl3Q3buLn5vhXlx_oXpNWerLH_WS14Tz1ojWY6Q&sai=AMfl-YTPESAoizwd2ZEFCcL1qq-i-QwNdFNJhpnAG9xvAciCVJd-GB0YqztWbWhASQ9XHVPYb9Yccgf6SmMdBW4OqdU0FwUNyJxzjkGWy73l1g&sig=Cg0ArKJSzEy34SRYSlQQEAE&cid=CAQSLgCNIrLMe6jhWf3nwTas_SqRWkKId_U1i462VEI6okJYTx2st3maIPiJXoFFHRMYAQ&id=lidar2&mcvt=1016&p=645,992,895,1292&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3937908213&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651569613923&rpt=549&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042801&jk=2308176489802007&bg=!oKOlo-fNAAZNIUvJbSE7ACkAdvg8WpK-hIwBVjxKebVOZK3JP2nhpUaCmSByetONGAZethxrZGrN1wIAAACgUgAAAANoAQeZApNFwhIqz8XK4-qzGd_SvQvBIa1zYrCM1zLiSXS9BcBU9n9S-OGn6Q9XaHMDo_EoTlrTm9J69OFR0h_4TQFAHohUUUtP-atmvFBD8koD_rjkqjD5rj1LTIDpvF_-r24Hjp4PNwLMuCBBw4N_Ubj5q0YUf5ZTUM_HLg57qL3r4LoUKINLz4YTSqzQaP_GG5twV6SZKVoIXIPwYLrJya071IMzsm4mT2uqhC7domfRfNyDPePJcKZ-ZhAnDWBLV0PVQAipjJBvVfP6y43OUxNvptump2jEoTMR_QfK8Sq3lAz7_3tZTavo7-DK9A09e0jLnu6tL3uPiiw-U3pRUh3efNq2WypUGa9UZL1sTuD3gvx8lmwGaCFEA_IvCSGF9-qIYpq5-5xQOnJMG_sqgLr7ejMgc_JFycZcrtgdn6D3HduxJ0UOpnQxNH5fuYGrYLec6-KbCpb8fwYhxuK8Z1KQb1OMp2LhUsYy5jxK4dR8b4R9RDvulJOSKvxRq4rXTHBPtQ7-oBEjos2ObkSpnw7tZehgcTdMNLR4-VZWbH9Eq9kpu_GF3JXyXlLoEedKZYesK8LmspEwnwlnmVdw2DBM1U9pmZhZKJaYfjagyr40mwrMHMS0yG0avako2t32ZGqQW95EO1iORxP3psKLu5rpQ2gTI66A5JXyxTz0O2oBNI3ymRLJf8_w6A2h6FSP-mF8VeHziOQpdqO0pcyy94v2nYX0_Aov1RryJvgqoNeLI20GrwPYELKugb51_EifQpnGz-U_f3yEA7Q5fX51Ihc1C9ynFiE5CiIonIIioe38XnVUlXOpFMIFGF7EK2WkybwbafTw1fLgYCFCxiNAljP59RM7n5LLCU8MQxia3hSB1K8OEmBKQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 104ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://2plus2.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 03 May 2022 09:20:16 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1398
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=v__rKXwwd0Y1SDJ0REJWdUNvaEkyNmZuV0tlYzdNTVZibC8yejBJbUhTN1lHc0pOU0JoNzZZdnFKRjMyQVhCbzhudE1Odzg1QlVuekNselNFQmRWWEpJaklGemg0T3B3ZEtUb3BFdjVtM2thK1gwdmFkWkRFRkVTaDJUQW...

401 B
656 B

37ms
37ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=v__rKXwwd0Y1SDJ0REJWdUNvaEkyNmZuV0tlYzdNTVZibC8yejBJbUhTN1lHc0pOU0JoNzZZdnFKRjMyQVhCbzhudE1Odzg1QlVuekNselNFQmRWWEpJaklGemg0T3B3ZEtUb3BFdjVtM2thK1gwdmFkWkRFRkVTaDJUQWl0TmlXRWpDa0xkdmF1KytrWVZKbkhHQ0FyeHFQS0kxdmk1bTVSa2JpWWhuWHk1dzVXSGdUZmdKcmVGZnVpMG55OGkrZDNETEZPVXRpSEVESmFiY3loWU93MU5IMVVoUFpiV0d0T051dEdZR1ZuekIxT3dEQjAxUEVVSzN6TVVxMFlHUFpCMmJSbkRxb2RpWnZzb0V1ZjFBNSthSmljUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c7966ee282a67fbbe27f0b6472868a758490134dc1b9c189f4d0ad7a031ed9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3194
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 09:20:15 GMT
location: https://mug.criteo.com/sid?cpp=v__rKXwwd0Y1SDJ0REJWdUNvaEkyNmZuV0tlYzdNTVZibC8yejBJbUhTN1lHc0pOU0JoNzZZdnFKRjMyQVhCbzhudE1Odzg1QlVuekNselNFQmRWWEpJaklGemg0T3B3ZEtUb3BFdjVtM2thK1gwdmFkWkRFRkVTaDJUQWl0TmlXRWpDa0xkdmF1KytrWVZKbkhHQ0FyeHFQS0kxdmk1bTVSa2JpWWhuWHk1dzVXSGdUZmdKcmVGZnVpMG55OGkrZDNETEZPVXRpSEVESmFiY3loWU93MU5IMVVoUFpiV0d0T051dEdZR1ZuekIxT3dEQjAxUEVVSzN6TVVxMFlHUFpCMmJSbkRxb2RpWnZzb0V1ZjFBNSthSmljUT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1322
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
616 B 157ms
38ms XHR
application/json 141.95.34.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458769/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.34.104 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

p33.id5-sync.com

Software

Resource Hash

982dde99473d9957b94692add7472bddbe60487e6060091692419e7a1fda8932

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 03 May 2022 09:20:15 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 104ms
35ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 03 May 2022 09:20:15 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1159
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 203ms
203ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 03 May 2022 09:20:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.adnuntius.delivery
URL: https://ads.adnuntius.delivery/i?tzo=0&format=json

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=0ed01618-9e8e-4813-a642-9d56efcbd391%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=b0d4d4a9-bac5-4696-9e55-9d2c1c30c532&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.5673258635422744

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=10&eid_pubcid.org=0ed01618-9e8e-4813-a642-9d56efcbd391%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=be50e00f-28fe-4e56-a420-8885cb961b15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.7750664410419461

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=0ed01618-9e8e-4813-a642-9d56efcbd391%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=b0d4d4a9-bac5-4696-9e55-9d2c1c30c532&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.3694626138380108

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=0ed01618-9e8e-4813-a642-9d56efcbd391%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=be50e00f-28fe-4e56-a420-8885cb961b15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.8697520822015996

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2plus2.ua/	1970-01-20 02:46:16	Name: XSRF-TOKEN Value: eyJpdiI6Im9HREJoS21ITEtZK3N2a2FKV2FWelE9PSIsInZhbHVlIjoibHZ4V0ljaGtpOE1FVUZGR3A0T3ZVQmx2dGhPUmVJQ1krUlJGT3YwV2RUUDM5TnZ5K1dKbmprdEJcL2hIMWlJWUsiLCJtYWMiOiIxNDQxMDdjNWMyMzdiNmZiYmZjNjI2OWE1NDVjNDdkNTZmMTRmNzIxYWVlN2VkNjljOTNiZmFlZjRmMTM0NjQ5In0%3D
2plus2.ua/	1970-01-20 02:46:16	Name: 2plus2_session Value: eyJpdiI6IndZWlZYUkFuQkFWU2J1eVRLa1wvN2dBPT0iLCJ2YWx1ZSI6Im1VZkNaVVJUakVpdjRlclhtN2U3aVpFajRmYkcxS1FzTUlYQVpDTk15eDZaZmRObWpTXC9HaUVLcFRwaWdGMUhmIiwibWFjIjoiMjRlNDYyMGI2ZWYwNWVjNGU3YjEwZmYzNTYyZTZlN2U5N2ZhNjUzOWVkMDkzY2QzN2FkOTJjMmUwYjMyMWVlYSJ9
.1plus1.video/	1970-01-20 20:17:21	Name: _opov_sid_ Value: 2n6uenh68b4pqo0lu580clvse5
2plus2.ua/	1970-01-20 02:46:11	Name: session_id Value: edf12791-999c-4c6e-9a82-476e30e6bffd
2plus2.ua/	1970-01-20 02:46:11	Name: session_pageview Value: 1651569613.1
2plus2.ua/	1970-01-20 03:29:21	Name: site_visited Value: 1651656013.1
2plus2.ua/	1970-01-21 06:32:49	Name: lapuid Value: d7d48cc1-6e44-4292-b809-7a99e28e983f
2plus2.ua/	1970-01-20 12:12:04	Name: _pk_id.6.87d8 Value: d500de9c54203912.1651569613.1.1651569613.1651569613.
2plus2.ua/	1970-01-20 02:46:11	Name: _pk_ses.6.87d8 Value: *
a4p.adpartner.pro/	1970-01-20 04:12:33	Name: apuid Value: d7d48cc1-6e44-4292-b809-7a99e28e983f
a4p.adpartner.pro/	1970-01-21 06:32:49	Name: apudmg Value: 1
.2plus2.ua/	1970-01-20 02:47:36	Name: _gid Value: GA1.2.925035109.1651569613
.2plus2.ua/	1970-01-20 02:46:09	Name: _gat_UA-3838466-26 Value: 1
.2plus2.ua/	1970-01-20 02:46:09	Name: _gat_UA-113262294-1 Value: 1
.2plus2.ua/	1970-01-20 12:14:57	Name: __gfp_64b Value: i4PWg3A1Dd5Y9VdlFp6CTPO.d6VXRPK9.szL4jZVymn.g7\|1651569612
.2plus2.ua/	1970-01-20 20:17:21	Name: _ga_KRRGZR24WG Value: GS1.1.1651569612.1.0.1651569612.0
.2plus2.ua/	1970-01-20 20:17:21	Name: _ga Value: GA1.1.1188064340.1651569613
www.clarity.ms/	1970-01-20 11:31:45	Name: CLID Value: d66a748c0bbb4c738226ec5431d6deb2.20220503.20230503
2plus2.ua/	1970-01-20 03:29:21	Name: _pbjs_userid_consent_data Value: 3524755945110770
.2plus2.ua/	1970-01-20 11:31:45	Name: _pubcid Value: 0ed01618-9e8e-4813-a642-9d56efcbd391
.2plus2.ua/	1970-01-20 04:55:45	Name: _fbp Value: fb.1.1651569613319.1394053815
1plus1.video/	1970-01-21 05:02:57	Name: _opov_hid_l Value: 95af63b5-237d-5511-90aa-646d6a7857bc
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.admixer.net/	1970-01-20 04:55:45	Name: am-uid Value: 1b2d01047053497399a3cd06f7be655c
.e-planning.net/	1970-01-22 16:05:21	Name: E Value: ABxLfbAbhqUUFiCS
.eskimi.com/	1970-01-20 03:29:21	Name: __eConsent Value: 1
.uuidksinc.net/	1970-01-20 11:31:45	Name: jcsuuid Value: wYesqiMGg5tF4bgfMgrP
.betweendigital.com/	1970-01-20 11:31:45	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 11:31:45	Name: ss Value: 1
.betweendigital.com/	1970-01-20 11:31:45	Name: tuuid Value: c6c01f59-0eb9-527b-8bda-97afe9aa6462
.2plus2.ua/	1970-01-20 11:31:45	Name: _clck Value: fmiav4\|1\|f15\|0
.betweendigital.com/	1970-01-20 11:31:45	Name: ut Value: YnDzzQAKQQA0MkeRhBXg5_FmiMUPm3DANKUe0w==
a4p.adpartner.pro/	1970-01-20 11:31:45	Name: buyeruid_57 Value: c6c01f59-0eb9-527b-8bda-97afe9aa6462
a4p.adpartner.pro/	1970-01-20 11:31:45	Name: buyeruid_47 Value: c6c01f59-0eb9-527b-8bda-97afe9aa6462
a4p.adpartner.pro/	1970-01-20 11:31:45	Name: buyeruid_63 Value: 669034d5-660d-4318-5e63-7e07298bb191
a4p.adpartner.pro/	1970-01-20 11:31:45	Name: buyeruid_64 Value: f9a8a3c6-b43f-49b2-4c96-744e1c966f30
.adhigh.net/	1970-01-20 11:31:45	Name: gi_u Value: u7ZEo9Xew0ax.AikABlGAiThcDg
.2plus2.ua/	1970-01-20 12:07:45	Name: __gads Value: ID=97ca1e0904faea9a:T=1651569613:S=ALNI_MZcGjdfBZQ_lBFPHonJxvT-acj3og
.doubleclick.net/	1970-01-20 12:07:45	Name: IDE Value: AHWqTUnXT6mv_3xzKeBbG6dxddsOsn_WMTT7RZ54b2F9F23yQ_VdcCkxFosTFomdv6E
.2plus2.ua/	1970-01-20 02:47:36	Name: _clsk Value: 108kdim\|1651569614099\|1\|1\|f.clarity.ms/collect
.adtelligent.com/	1970-01-20 04:15:26	Name: vmuid Value: 3e9f23ecbac7d2f3
.adtelligent.com/	1970-01-20 04:15:26	Name: a307558 Value: d7d48cc1-6e44-4292-b809-7a99e28e983f
.adnxs.com/	1970-01-20 04:55:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%yM2Dv-!@wnfH8K6pQK`!5=E<L5?%M</Z1ec4vbi3hVGCi6FWp?4^F@'C2]R3dnwg!bpRzqF1`b^Zh*(:m3
.hit.gemius.pl/	1970-01-20 12:14:57	Name: Gdyn Value: KlQx6RMGQMQGUChQa5FZxccissGMj19oL6nxmG7QWGLty6aiGsRP0QlGvGQpIRg8SLS8RgTSFsCB0788MG..
.doubleclick.net/	1970-01-20 02:46:13	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 04:55:45	Name: uuid2 Value: 2736250293842276554
.casalemedia.com/	1970-01-20 04:55:45	Name: CMPS Value: 689
.casalemedia.com/	1970-01-20 02:47:36	Name: CMST Value: YnDzzmJw884A
.casalemedia.com/	1970-01-20 11:31:45	Name: CMID Value: YnDzzos2qQjQ1tR7A5WpfAAA
.casalemedia.com/	1970-01-20 04:55:45	Name: CMPRO Value: 220
.casalemedia.com/	1970-01-20 11:31:45	Name: CMRUM3 Value: 2d6270f3ce2760CAESEOrkWv5e5bfwn0NBPRX6sMc
.criteo.com/	1970-01-20 12:07:45	Name: uid Value: aadc6449-b49d-4606-a0fd-5fd3cb587b3e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: psGYqnO1LPk
.youtube.com/	1970-01-20 07:05:21	Name: VISITOR_INFO1_LIVE Value: RWbkz3bQQZ8
.c.bing.com/	1970-01-20 12:07:45	Name: SRM_B Value: 03F5168D576463DB3710071456076267
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:07:45	Name: MUID Value: 03F5168D576463DB3710071456076267
.c.clarity.ms/	1970-01-20 02:46:10	Name: ANONCHK Value: 0
.2plus2.ua/	1970-01-20 12:07:45	Name: cto_bundle Value: vploCl90T0JYMzlob2k1NHA0d0FqUXpydUhYZGVMU0NpJTJCcDdCTm1vWVl1VkM2bGRSOGQwZ3laaXF0NXF1WTQ1WHB3U2xGY0czSVhRR0ZNZUxhSGNqeWRIUEhVWlZDMmtJVTcwVno4NmIxenpteWxXeWQ5U2ppMGpTS281NGJNeTcwTW9Cc0ZGNldTUVhGYW5GcjJSQkMxYk9kQSUzRCUzRA
.2plus2.ua/	1970-01-20 12:07:45	Name: cto_bidid Value: vZ7S4l9qb2VteEE3VEpsanhUVEdkOEVIMklVclRYTncxY3owVld1Wlh2cTlGeU9LZ2NCVHZnaGpNRXM5dTgwbzYzWSUyRkpIMG9uaGY0bUxRdUJ4MkRYTWt4MnBmUjA4JTJCendqTGxvM041aFhnY1ZCenMlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0068/3674.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.video
1x1.a-mo.net
2plus2.ua
476a1c182686a12c4c773233b90813f0.safeframe.googlesyndication.com
a4p.adpartner.pro
ads.adnuntius.delivery
ads.betweendigital.com
adservice.google.com
adservice.google.com.tr
adtelligent-d.openx.net
ajax.googleapis.com
api.1plus1.video
assay.1plus1.ua
bidder.criteo.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.mouseflow.com
cm.g.doubleclick.net
connect.facebook.net
dm-eu.hybrid.ai
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
exchange.buzzoola.com
f.clarity.ms
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.adhigh.net
s.uuidksinc.net
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
ads.adnuntius.delivery
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
ib.adnxs.com
prebid.a-mo.net
136.243.84.74
141.95.34.104
142.250.185.226
146.0.227.110
146.59.30.108
168.119.9.59
172.217.16.130
178.250.0.157
178.250.0.165
185.184.8.90
185.33.221.88
188.42.196.115
193.200.65.5
193.232.148.145
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.82
20.84.22.197
23.111.9.38
23.227.139.243
2606:4700::6813:9308
2620:1ec:27::cafe:1835
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
2a02:2638::1c
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
2a0c:5c81:5142::2
3.223.60.98
31.220.27.134
34.120.139.69
35.244.159.8
37.18.103.21
45.133.44.4
46.249.52.249
51.89.9.254
52.142.114.2
54.37.238.28
54.38.197.123
92.122.147.230
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b5855b39b004137a6ab302f59540d00209c5abd4663a2477fc7fa05fb33958c
0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d
10b4752844612d53e2d4a3ef1beaaa11ea8159b0fb727a5a90ca9ea6e664b532
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1202e9fd4247d4bf83413c7c2f8ce83667773dfdd2f422c9a6d99dd23366cd28
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132768547caca742c09fe512f1d1b1dec877d7effec7182931c37d4c7876f6e1
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703
155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0
15d0fd856f9aeaf5a589b7051e8c36d19580cc9bdedfa0f90b66e16eff43119c
15edf991a5ad8030b38e7922f76383ae95dd7db45666685447064f239cedc5d5
160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f
1c78b444de0ac1641cfc7bb6b1d107d52b027d88f75c7321a1dbb137a3fc5607
1e82e0ce80da3ce181167754918605832db26bbd638f21bae9dc7a6cbdf53e34
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da
1f4c8e17bff3797ed97f1363f741abcf3a47e93630a83c5efd8ac31be60a03f0
1f6b48bc75aec4cbc56ce525a287844e832f01c262d4d64eccbd195a7f86d2f3
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
24c20afcfcae6b8d263d90aaa9f6fc4d73ce39ff65bfbb3c99ceea042f67c6d6
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28248c0db11f5e2524839566141999868b3647c6d2271b3501d2c68a5f02a616
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc
2dd781ab7eb10be349902e8bccdfd6e76e0d5eac500f914bfa8a20467a3c24e0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8f5106994ae2b4e233b9266d17fdf4bd1f6f51aea08aeb6e5a97844dd2d833
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f488a23fe332868855dfba61081897ca435847b702c9a574fc5b6392513ab62
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c
30982a416cf3e54bb5ed0e4c19bbf23067b316aaf9fddffe75b4c2f96a930a3e
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3dbecf3f90bdbdc47492de7dfd9648ea6d496d3b191a9329ae4a6567dafd3622
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6
3f50a16dffeaef2c0c4366289ed1a8e5dc3c9be677de8fa24e2f1b0e0186ebe1
414bacb3295683649bd61fe8b2cb624267dce08720c1b473ae17398ec198a155
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308
4613197e4af367199f6835b609e010eb3e5256f982cd18671688fa08e722f83d
46e7181ef3d1b31ca4e35d1f1a0a4be9aa4b027a4d19ee9681ff728ae7563ebd
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dfcc59345601436c5a52aea77795af215ca3cc868f16625e9831bb3436c46b5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5089ebf7f8ca652e7a0153451389a00ab07d11d0b0028fe6ddfcef076fba0f94
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673
571d29030eddb0ad8e924f625d155f38e67271b228e59afba74ad2304369ee75
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24
57d5b86e29be7f91b581e0cdebad0951f86fcacf271e11ef6496d27b71e103ea
57e1213d74683144f04fdf75985a34d9ebb797c85505fa93e439b6b42ed7a5a7
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5b4de5b6baafbf7b0b9855347f108191888234be438e06f49613927e178efa44
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3
656943dc2c190bb060d375111efe5245891e3def19d195fd568cb48e4452039b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24
68f8b1f76b2a4907c4fe8ec6bbabe02c0e331a3234e959c379b5ba731aa85451
69566e3a63a3cf817d7fac4b2d98606e1532f1f1a35d9eaa2e12af46c47696f8
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5
6f251b8d9cb9dce33881d16be7107b98e191f0e720c2b749241f03c06f2c05ac
6ffa5fd683a8e61e0a4e754b3e49b86bb60102f2f8a49fe436246fe9f75cc056
706b7830e41acd35a828939c9ce2d7702584ac798bb2977869a853e322fab7e6
70fc6297755708572b6259cc6e6da1bde39fcecf116ae7613812851387ede878
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
73c476eef63aee5c3c020993999eb1d4d11bc57c80463acefcf409d18b90b91f
753d27a5b343eb9b0f4352b332917973b9b4b2a35abd8f4c8d20d2245a84b0d6
7559277c95fdb841965396b8b5340113d8cab8a3b029f75bcfddb847644876a4
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
799af27d5651a4bdd3bcd6c4a27a85c5598a0853cbff1cc1c88a92bb5b3b6575
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603
7a880289fbfdd6a7934a97c21d72b7e05336862d40f60b63b7e006f1b5fa6ce4
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1
7f762d150b278fbad4b4bdbd0caf5635b9ecede82630ada5e7937c7af204c260
81979f14d2642e23f5e528631a42caf71e2da909e3605a5324dda52cba304d44
82c01b26d0f792f12965b3f465c2dfc0478a0bd63aecbc16e5fdfb2315198e36
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416561f2139485c18ce4e7a5fa6f92a7dad20f86ddcda9042d96c0e111b10dd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8923bc30cad516c2c834120416328544cd19e0895eca0bf23c9dd1fc4bf62aa9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
8fc39f78a07698ed99010ce721749f6fe9fb11aeda225204e01ac37d72b9abf3
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9235a349e920e8b323bd8832e7b11699fb951f2a739c18cfced8760997c0ffbb
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
982dde99473d9957b94692add7472bddbe60487e6060091692419e7a1fda8932
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a28fedf4a224ca7b3ef2e7cdf7ac33a4e5900aa47e391bdea0baea46e61bb18
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2738ba67c621eb3358507c6322fb7ef3a26e309f6aac919a0e014397fe001f1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75712c3b675d8655d638dec427bbd5c965a063576ce726bc69017b54a21e551
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95
ad91aca1b613fb264a07497ce3ecb9bc81fafdff7e5124ca6d458a9b56471b20
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
af2497deef4e5817714307172348fd769450ff768ae44786d90eff608deb4207
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b6145297abbb7f5a058310058dac23d3cab9a55025b7bc5213fd21929e5950f2
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bda4e4579ce3fd96ff81d1053eeaef708c7c71ef12129715f542779dd6df1d29
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103
c62866ef4a05de040f3ba3391dcb4147021b0deacb5614925ce8c97b0391e683
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0
c7966ee282a67fbbe27f0b6472868a758490134dc1b9c189f4d0ad7a031ed9da
c83d4944e19d7034cfd5679ce0b2301dbb5d11fd9998aff2c52503b83c35a687
c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb317043e8a130c62c91a27c2c592a7ce3de7d6e6bc7c4c1ca6bef1f1e24394e
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951
cb62b8801f88f71c80551430afacbbadf647cd1d717a3609205ce687cc667c12
cb7915288c6aa2217da8a06f3dde2a32afa68281b10c7215130f64057db060d8
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365
ce8a22120122bba344fbe1047b0735721a9f395e4fbc53712f15f79b9b20cdd6
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e607d7c8e5c37f9f8cd2115fee1a4fadb8bce390c8925e66119de3114dde49
d31dd125d16513fbd385f2a6164e2a6fa2bd38d43c366ac474031e46db64d89b
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b
d58baaa76012a58d311450b536bb07e9f5140c57e0fe5283c573d097ac00e748
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414
db81c854ae9940a86357abd2ee5a3d34671975b72b8de85f06913a893dd2ec68
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e0dcc09367b71426fd856d00aae49c2e678cf9dceb55c88bf0b5e24517f0bbfe
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42e9f3908b5c563f7d59e4853dfd44e543c1cd82d52b81a8800d943719d69ea
e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b
e9e15c4552956ffe977ef5ec2483b3ab95cc0c73fbec1df597a9a8ab557082b7
ea578146e0253fda18cc798dd3eda36a7a8a96343162e14f78c2556c644b4faf
ece9c9031515a5a73dd7e8f94a0444db45f8c7b057ef0ecb1935242cb3cd5c68
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e
f5583c8f568ed12196f2cc6786b948409a67d87570654f71c46badcdaf61cd1c
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
ffae8c08ef2ca5270a7b17fb5e855df2cf389d69b3b6d347be545def159c3ce6
ffd4dc484943174781bcde95fc3eb8a447c4b210f31db0652aadbe21fae2fbe8

2plus2.ua Open in urlscan Pro 195.137.240.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

306 Requests

89 %HTTPS

46 %IPv6

48 Domains

69 Subdomains

59 IPs

12 Countries

7261 kBTransfer

12990 kBSize

60 Cookies

28 Outgoing links

Page URL History

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

89 %
HTTPS

46 %
IPv6

48
Domains

69
Subdomains

59
IPs

12
Countries

7261 kB
Transfer

12990 kB
Size

60
Cookies

306 HTTP transactions
2 data transactions