2plus2.ua Open in urlscan Pro
195.137.240.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2plus2.ua/
Effective URL:
https://2plus2.ua/
Submission: On April 26 via api (April 26th 2022, 9:32:16 am UTC) from GB — Scanned from GB

Summary HTTP 258 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 49 domains to perform 258 HTTP transactions. The main IP is 195.137.240.102, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 2plus2.ua.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.

This is the only time 2plus2.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	195.137.240.102 195.137.240.102	29389 (ASN-UNIAN) (ASN-UNIAN)
54	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 9	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	195.137.240.88 195.137.240.88	29389 (ASN-UNIAN) (ASN-UNIAN)
2 21	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
2	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
5	209.205.201.34 209.205.201.34	55081 (24SHELLS) (24SHELLS)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (STACKPATH) (STACKPATH)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:1734	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 8	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	193.232.150.61 193.232.150.61	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
6 6	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
2 2	168.119.145.118 168.119.145.118	24940 (HETZNER-AS) (HETZNER-AS)
4 4	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
2 2	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1	45.133.44.36 45.133.44.36	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	3.223.60.98 3.223.60.98	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:801::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.42.88 51.89.42.88	16276 (OVH) (OVH)
258	57

13 195.137.240.102 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

2plus2.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.137.240.88 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.38.197.123 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.205.201.34 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-34-201-205-209.24shells.net

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (STACKPATH, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1734 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5525 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.61 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp21.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.4.121.26 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.145.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359803.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.186.57 (United States) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.200 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.36 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.60.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-60-98.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.42.88 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p27.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	1plus1.video images.1plus1.video — Cisco Umbrella Rank: 430498 api.1plus1.video — Cisco Umbrella Rank: 245932 1plus1.video — Cisco Umbrella Rank: 203054	4 MB
31	googlesyndication.com f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 pagead2.googlesyndication.com — Cisco Umbrella Rank: 96	247 KB
21	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6240	32 KB
13	2plus2.ua 1 redirects 2plus2.ua	142 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	208 KB
11	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 52625 ls.hit.gemius.pl — Cisco Umbrella Rank: 13716	48 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	222 KB
10	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 64	2 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com	382 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 746 gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 3086	8 KB
8	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 4493 ghb.adtelligent.com — Cisco Umbrella Rank: 4856 ghb1.adtelligent.com Failed sync.adtelligent.com — Cisco Umbrella Rank: 3368	35 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1220 d.clarity.ms — Cisco Umbrella Rank: 1920 c.clarity.ms — Cisco Umbrella Rank: 626	25 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	59 KB
6	acint.net 6 redirects www.acint.net — Cisco Umbrella Rank: 36864 acint.net — Cisco Umbrella Rank: 27345	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 imasdk.googleapis.com — Cisco Umbrella Rank: 411	334 KB
4	betweendigital.com 4 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1831	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	208 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 628	59 KB
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20704	380 B
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37854	1 KB
2	adhigh.net 1 redirects px.adhigh.net — Cisco Umbrella Rank: 11544	730 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 5531	1 KB
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2408	962 B
2	google.de www.google.de — Cisco Umbrella Rank: 6544 adservice.google.de — Cisco Umbrella Rank: 9242	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	315 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	114 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 6120	17 KB
2	1plus1.ua assay.1plus1.ua	23 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 22438	112 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 639	527 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 209	555 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 252	17 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	37 KB
1	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 9577	96 KB
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 41604	110 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 25429	239 B
1	eskimi.com dsp-trk.eskimi.com — Cisco Umbrella Rank: 40002	256 B
1	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 62718	110 B
1	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 3122	242 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 6868	351 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6092	171 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 778	356 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 87692	2 KB
1	a-mo.net prebid.a-mo.net Failed 1x1.a-mo.net — Cisco Umbrella Rank: 3612	89 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1712
0	adnxs.com Failed ib.adnxs.com Failed
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
0	openx.net Failed adtelligent-d.openx.net Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
258	49

	Domain	Requested by
54	images.1plus1.video	2plus2.ua 1plus1.video
21	tpc.googlesyndication.com	2plus2.ua tpc.googlesyndication.com securepubads.g.doubleclick.net
21	a4p.adpartner.pro	2 redirects 2plus2.ua a4p.adpartner.pro player.adtcdn.com
13	2plus2.ua	1 redirects 2plus2.ua
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	gaua.hit.gemius.pl	1 redirects 2plus2.ua gaua.hit.gemius.pl api.1plus1.video 1plus1.video
8	pagead2.googlesyndication.com	srcdoc tpc.googlesyndication.com www.googletagservices.com 2plus2.ua securepubads.g.doubleclick.net
8	www.google.com	3 redirects api.1plus1.video 2plus2.ua tpc.googlesyndication.com
7	www.google-analytics.com	www.googletagmanager.com a4p.adpartner.pro www.google-analytics.com 2plus2.ua
7	fonts.gstatic.com	fonts.googleapis.com
7	api.1plus1.video	2plus2.ua 1plus1.video api.1plus1.video client imasdk.googleapis.com
7	securepubads.g.doubleclick.net	2plus2.ua securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
4	gum.criteo.com	2 redirects static.criteo.net
4	googleads.g.doubleclick.net	2plus2.ua f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
4	ads.betweendigital.com	4 redirects
4	www.acint.net	4 redirects
4	d.clarity.ms	www.clarity.ms d.clarity.ms
4	1plus1.video	2plus2.ua 1plus1.video
4	www.googletagmanager.com	2plus2.ua 1plus1.video www.googletagmanager.com
4	fonts.googleapis.com	2plus2.ua api.1plus1.video securepubads.g.doubleclick.net
3	mug.criteo.com
2	c.clarity.ms	1 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	exchange.buzzoola.com	2 redirects
2	acint.net	2 redirects
2	ssp-rtb.sape.ru	2 redirects
2	px.adhigh.net	1 redirects 2plus2.ua
2	pbjs.e-planning.net	1 redirects 2plus2.ua
2	inv-nets.admixer.net	player.adtcdn.com 2plus2.ua
2	www.facebook.com	2plus2.ua
2	connect.facebook.net	2plus2.ua connect.facebook.net
2	cdn.mouseflow.com	1 redirects 2plus2.ua
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	player.adtelligent.com	player.adtcdn.com
2	assay.1plus1.ua	2plus2.ua
2	player.adtcdn.com	2plus2.ua
1	id5-sync.com	player.adtcdn.com
1	c.bing.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	www.googletagservices.com	2plus2.ua
1	encrypted-tbn0.gstatic.com	2plus2.ua
1	encrypted-tbn1.gstatic.com	2plus2.ua
1	adservice.google.de	securepubads.g.doubleclick.net
1	1x1.a-mo.net	2plus2.ua
1	sync.adtelligent.com	2plus2.ua
1	www.gstatic.com	www.google.com
1	i.cdnkimg.com	2plus2.ua
1	match.new-programmatic.com	2plus2.ua
1	dm-eu.hybrid.ai	2plus2.ua
1	dsp-trk.eskimi.com	2plus2.ua
1	go.rcvlink.com	2plus2.ua
1	s.uuidksinc.net	2plus2.ua
1	t.trafmag.com	2plus2.ua
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	onetag-sys.com	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	ads.adnuntius.delivery	player.adtcdn.com
1	www.google.de	2plus2.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.clarity.ms	2plus2.ua
1	script.crazyegg.com	www.googletagmanager.com
0	ib.adnxs.com Failed	player.adtcdn.com
0	ghb1.adtelligent.com Failed	player.adtcdn.com
0	hbopenbid.pubmatic.com Failed	player.adtcdn.com
0	adtelligent-d.openx.net Failed	player.adtcdn.com
0	prebid.a-mo.net Failed	player.adtcdn.com
0	fastlane.rubiconproject.com Failed	player.adtcdn.com
258	71

This site contains links to these domains. Also see Links.

Domain
1plus1.video
1plus1.ua
tsn.ua
plus-plus.tv
tet.tv
1plus1.international
biguditv.com
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
vb.me
t.me

Subject Issuer	Validity	Valid
2plus2.ua R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
assay.1plus1.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
adpartner.pro R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
uuidksinc.net R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.eskimi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-14` - `2023-05-15`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
new-programmatic.com R3	`2022-04-20` - `2022-07-19`	3 months	crt.sh
i.cdnkimg.com R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.a-mo.net Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://2plus2.ua/
Frame ID: D0161131B53681E3F1C04E5F90DA3755
Requests: 137 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Frame ID: 997D1DB0FABF00F373B58C72A5E396EE
Requests: 44 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: C7CB6E6547D8913AECFA81118D04F92E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Frame ID: 1E9D1F5D698DCB0A25DAE0B20E0FCB93
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: DCB08856FB9E1B32F5A91967D57F1A8A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25220bd1f457-d36b-4630-87bc-e02d7106f2e1%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Frame ID: C08A97C10636F40C3658B195A53C4BE9
Requests: 1 HTTP requests in this frame

Frame: https://i.cdnkimg.com/image/banner/2537/537/625044d428d11t1649427668r812.jpg
Frame ID: C08737FA88601D2E3D81A0E167C529CC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: 858B4E57C1B671A079C8649CFA1C6648
Requests: 1 HTTP requests in this frame

Frame: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E95203C85E52ED118C108254DC20A96A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F5B55A579ED8070B711E5DCFDBDBB2FC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: B45C896D8D10CA32F0B256F93F189921
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 18EDE00325DF3288E8941BDF1E311F77
Requests: 18 HTTP requests in this frame

Frame: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE12E7A4F86EE39CFC46674C0FDBBC93
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C369F964DA74F655FD93D23885994E7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Frame ID: DFCB30085832F04804116D65CAE5B3F6
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvcT7FrxnYsLmIIfO3gOFnpnIBczb0-hpwpivrKoOrgIQASD9_4UjYJWikoKgB6AB0Maj4QPIAQmpAqjT39Urs3s-4AIAqAMByANIqgSYAk_Q6TPPNZHkWVlv-3bzjvxEKj4tt5nEECmyALw6GAiXT0tLPbsBBtpYLT8se8QUYXcdwWOo_1J04VaBjMMoNzObmnAWX_tQsQY0g5JfS2wvyw-LEgzP4FOMNNHKtFj7RGL7gZIICWv0KkusEY7uXCvDCLa5XjkNAbvVv5k6x-GBiavGHktZJNBQ0oZcUmPgwPDyELE3zpQeYOekLFlHfzhKtoav7Dd7nNQ1Grkh8xavSuo8krsOK-RAzpKYZOqqxBHkznpG-I0mVXwAb1WTcG7g5XF7AH4mFEtMuejsP_ZF4C6brOsL-RZ7KybOkZ7DYMCdcvxbSLb3AV-mnYwDcOgM3mPpEYNB6Xz6mnmbayL9CLNARR6n51TABN-X4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYugAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQkvaUAdIICQiI4YAQEAEYHYAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=a8EO7sPIsNI&uach_m=[UACH]&template_id=419
Frame ID: 2DD56ADEBF950F411845DFCB5CD5FC8D
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Frame ID: CBFC106760D9072A1394E9410AA72C2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 03F6C552F83C8D5099ED18D9AAFA84F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 161D69F0A7071B5523FCADFB61D272D6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: 0472D0E62FD16B7E5CC04D23133DF6AB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: ECF1CC9C7378ABD6EBA4BE6FB5A9025F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Frame ID: DBE35919948A3CAD0F52FDB5AA342C9D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5FC9D6FAE33D9DA9E4158927DCA4D7FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E92A4B84DCA4564A3C54CF2E8920DA3A
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: 8DC4479844F6E98C4DAC65A2897456A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2+2 - Офіційний сайт каналу онлайнKyivstar

Page URL History Show full URLs

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

258
Requests

88 %
HTTPS

43 %
IPv6

49
Domains

71
Subdomains

57
IPs

10
Countries

6386 kB
Transfer

11051 kB
Size

59
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/groshi
Title: Гроші

Search URL Search Domain Scan URL

URL: https://1plus1.video/sekretnye-materialy
Title: Секретні матеріали

Search URL Search Domain Scan URL

URL: https://1plus1.video/speckor
Title: Спецкор

Search URL Search Domain Scan URL

URL: https://1plus1.video/zateryannyj-mir
Title: Загублений світ

Search URL Search Domain Scan URL

URL: https://1plus1.video/dzhedai-voiny-dorog
Title: ДЖЕДАІ

Search URL Search Domain Scan URL

URL: https://1plus1.ua/

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: http://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://biguditv.com/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://1plus1.video/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: Кар'єра

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: Технічний розділ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.facebook.com/2plus2.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0rUcXe-tsu_MA33brxjDNg?sub_confirmation=1#utm_source=1plus1&utm_medium=social-button-header&utm_campaign=youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/2plus2tvchannel

Search URL Search Domain Scan URL

URL: https://plus.google.com/+2plus2TVchannel

Search URL Search Domain Scan URL

URL: https://vb.me/2plus2

Search URL Search Domain Scan URL

URL: https://t.me/channel2plus2

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js HTTP 301
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

Request Chain 90

https://gaua.hit.gemius.pl/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=

Request Chain 118

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91

Request Chain 124

https://px.adhigh.net/p/cm/adpdigital HTTP 302
https://px.adhigh.net/p/cm/adpdigital?bounced=1

Request Chain 127

https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F18BC67624000572602A347B5&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506

Request Chain 128

https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F18BC67623D002E2602523694&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506

Request Chain 129

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f

Request Chain 130

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f

Request Chain 131

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf

Request Chain 132

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1

Request Chain 133

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Request Chain 137

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1

Request Chain 215

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 241

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&RedC=c.clarity.ms&MXFR=09785F38D0386A0837E04EAAD4386415 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E

Request Chain 247

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2

Request Chain 252

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2

258 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
2plus2.ua/
Redirect Chain

http://2plus2.ua/
https://2plus2.ua/

127 KB
31 KB

578ms
323ms

Document
text/html

195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bf0d8eaae1c5d97a327ea3bb90659b207bf15d403249634b604181fd82ecc427

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Apr 2022 09:32:04 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 26 Apr 2022 09:32:03 GMT
Keep-Alive: timeout=15
Location: https://2plus2.ua/
Server: nginx

GET
H/1.1 200
OK app.css
2plus2.ua/css/ 163 KB
34 KB 87ms
87ms Stylesheet
text/css 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK codes-initialization.js Show response
2plus2.ua/js/ 2 KB
1 KB 173ms
84ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:57:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK logo.svg
2plus2.ua/img/icons/ 574 B
883 B 242ms
86ms Image
image/svg+xml 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/icons/logo.svg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Last-Modified: Wed, 19 Sep 2018 09:53:34 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 574
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H2 200 e2861f1619973d76f56ed0df427c3c2d.jpg
images.1plus1.video/other-1/ 92 KB
93 KB 780ms
506ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/e2861f1619973d76f56ed0df427c3c2d.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 14 Mar 2022 09:09:43 GMT
server: nginx
etag: "e2861f1619973d76f56ed0df427c3c2d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 94507
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 98c2160bfdac3da90abbe0f808ea0a72.jpg
images.1plus1.video/other-1/ 144 KB
145 KB 689ms
415ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/98c2160bfdac3da90abbe0f808ea0a72.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 21 Mar 2022 10:55:48 GMT
server: nginx
etag: "98c2160bfdac3da90abbe0f808ea0a72"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 147595
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
images.1plus1.video/other-1/ 149 KB
150 KB 771ms
497ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Thu, 10 Mar 2022 13:29:18 GMT
server: nginx
etag: "ceb56f0f3f537ac55cc52a60f7f0e7e7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 152959
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 2248efa20ef583a3c94154fe1b7f7e44.jpg
images.1plus1.video/other-1/ 100 KB
100 KB 531ms
257ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/2248efa20ef583a3c94154fe1b7f7e44.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 14 Mar 2022 09:07:27 GMT
server: nginx
etag: "2248efa20ef583a3c94154fe1b7f7e44"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101989
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 09a2b84853a3d266541bc71bb29ffbf5.jpg
images.1plus1.video/other-1/ 41 KB
42 KB 408ms
174ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/09a2b84853a3d266541bc71bb29ffbf5.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9d7667843315003196c81adfcd081e8b7bcc59babfff2b503e00cf0bf4f9629d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 16:40:22 GMT
server: nginx
etag: "4d2e052b4015056c118eab4c3a785482"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 42264
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 6de8cd46fafe694d82523077b82fb064.jpg
images.1plus1.video/other-1/ 22 KB
22 KB 740ms
505ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/6de8cd46fafe694d82523077b82fb064.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 13 Apr 2022 17:04:07 GMT
server: nginx
etag: "d4e63aed867ec770d35150e553ced06c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22460
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 d60a60f745b324b51d9c38bf3c6188d1.315x280.jpg
images.1plus1.video/news-1/42957/ 24 KB
25 KB 639ms
414ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42957/d60a60f745b324b51d9c38bf3c6188d1.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f8853600f75988f9c7eadff8c841791ed037d018027ab20bf39ff4aa5bafcd97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 26 Apr 2022 09:09:20 GMT
server: nginx
etag: "843d86f76a4fa9da451f882354e9c9cb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25035
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 96b750ed95525f6af6216423c6d8a03e.315x280.jpg
images.1plus1.video/news-1/42945/ 16 KB
17 KB 733ms
508ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42945/96b750ed95525f6af6216423c6d8a03e.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8abec3cbedab47bb75f8d39609d43909430614b0988625729409118f3ba6e6b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 26 Apr 2022 09:04:15 GMT
server: nginx
etag: "f833c5c0acffcbdfb2993db7a7148e47"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16709
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 c27c5490017f5090cabbd07ee53a0a95.315x280.jpg
images.1plus1.video/news-1/42942/ 38 KB
38 KB 579ms
576ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42942/c27c5490017f5090cabbd07ee53a0a95.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 93bbf507c6856f0455811573b7fe0161419e7691d52ccc1759eb89177b184061

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 16:23:11 GMT
server: nginx
etag: "97e129852c72a5a1133bc5e3e68d6c53"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38502
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 f4946a9acf3296d718bf3ea346654549.315x280.jpg
images.1plus1.video/news-1/42954/ 44 KB
45 KB 568ms
565ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42954/f4946a9acf3296d718bf3ea346654549.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 52594576579dee9defc0f23f35b99dc85f670032a4eb011486033b4da95841cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 26 Apr 2022 07:56:28 GMT
server: nginx
etag: "5ea21798986d701e765f32452124e344"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 45433
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 293ab1f00ed12303e29f3ae18076246c.315x280.jpg
images.1plus1.video/news-1/42930/ 43 KB
43 KB 489ms
487ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42930/293ab1f00ed12303e29f3ae18076246c.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: c1a812779f6809a6d1ae9a59824d3c629ac28da52b79b7c5d2a8494ca73e6313

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 15:05:09 GMT
server: nginx
etag: "7ad71d40d2cf2bea069764fbb9fac664"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 44036
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 ed62e7e17c4c9996f5379b0e59891cb0.315x280.jpg
images.1plus1.video/news-1/42948/ 23 KB
23 KB 489ms
486ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42948/ed62e7e17c4c9996f5379b0e59891cb0.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ef7915cf753934066d9f4218ee3eb174d1942572fd93443425e7ac952cba3d34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 21:19:40 GMT
server: nginx
etag: "b8445988cdf4e5ab866ff77ea0ae35c7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 23761
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 88582ed6831bf6fd6f6ba9863f786dee.315x280.jpg
images.1plus1.video/news-1/42939/ 36 KB
37 KB 568ms
566ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42939/88582ed6831bf6fd6f6ba9863f786dee.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 57b96a2c6ebb815ad47defc14076c1edf72ff3dc1b50e04911c0458630d8ccaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 16:37:20 GMT
server: nginx
etag: "2e6b9ba389175244fe8edf051870ed99"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 37118
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 52cc397b6db761676b665b7b6461e3f1.315x280.jpg
images.1plus1.video/news-1/42933/ 17 KB
17 KB 573ms
570ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42933/52cc397b6db761676b665b7b6461e3f1.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e36f39713469bd849c4e48f1b99cf3070003cd0613e5cfce4900c082427bf770

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 15:21:22 GMT
server: nginx
etag: "29569126fbb2414ee7a41cc0ec8a5597"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 17505
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 a4d08bd4994e14c9955313db91f9a5d4.jpg
images.1plus1.video/other-1/ 134 KB
135 KB 743ms
740ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/a4d08bd4994e14c9955313db91f9a5d4.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Thu, 14 Apr 2022 11:33:41 GMT
server: nginx
etag: "847844816f7853a633ce073538d91224"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 137706
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 248fb5ca74d280ee0a3a0d1167d6de42.315x280.jpg
images.1plus1.video/news-1/42927/ 22 KB
22 KB 568ms
566ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42927/248fb5ca74d280ee0a3a0d1167d6de42.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 791e612349aed62a9516d58dd78dd4b6d4ff989934bc99075adb9c10287da2ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 14:22:03 GMT
server: nginx
etag: "e665b4016c34423929dc4ab483ce48fa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22154
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 7e9f07a24d1d60112d66352a88c511b1.315x280.jpg
images.1plus1.video/news-1/42924/ 32 KB
33 KB 658ms
656ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42924/7e9f07a24d1d60112d66352a88c511b1.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1532bcc72c38d2a840ec42e83b35d53515146a8401f7424bcc666c982cefe93e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 13:41:24 GMT
server: nginx
etag: "5f8754920894098525eef0cd3a55a6b1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 33262
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 2c39a19ea49fb9158dce1ba1e011b854.315x280.jpg
images.1plus1.video/news-1/42918/ 28 KB
29 KB 745ms
742ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42918/2c39a19ea49fb9158dce1ba1e011b854.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f01c0bb056018ce4ff8b87be39cfe730a10f4988667a0d3e559c145e493a8f83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 25 Apr 2022 12:17:21 GMT
server: nginx
etag: "29740a91af3c1d003cf069927be8dbdd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 29017
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
images.1plus1.video/card-5/GRsFFLJ2/ 18 KB
18 KB 564ms
561ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/GRsFFLJ2/3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 22 Feb 2022 17:53:08 GMT
server: nginx
etag: "1fff169ec8591ae472ce69439a5f36a9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18118
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
images.1plus1.video/card-5/ktBGOYx2/ 21 KB
21 KB 569ms
566ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ktBGOYx2/9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Fri, 18 Feb 2022 17:38:19 GMT
server: nginx
etag: "e087103a4d5306b33b4a26ca74f46a95"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21081
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 f90d7f24621086ba471318342646e06b.285x285.jpg
images.1plus1.video/card-5/DagrnyGt/ 27 KB
27 KB 569ms
566ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/DagrnyGt/f90d7f24621086ba471318342646e06b.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Fri, 18 Feb 2022 17:27:39 GMT
server: nginx
etag: "ca4ef5c2e2792b2dfb7e7787c80e99f6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 27722
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
images.1plus1.video/card-5/nRAVUWV2/ 30 KB
31 KB 576ms
574ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/nRAVUWV2/8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 16 Feb 2022 16:37:24 GMT
server: nginx
etag: "da80bf2f888498741dc109276ffe8f47"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31038
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
images.1plus1.video/card-5/9CmkgJyR/ 25 KB
25 KB 574ms
571ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/9CmkgJyR/68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 16 Feb 2022 16:24:36 GMT
server: nginx
etag: "5bfc6a30c49959728c337dce58dda0a3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25395
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
images.1plus1.video/playlist-1/140731/ 98 KB
98 KB 566ms
564ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/140731/cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 18 Jan 2022 14:42:46 GMT
server: nginx
etag: "8bbc0a9d2074e0f2861716372d19b7a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 100315
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 8789930c322a5a2de04ad202edee81be.490x300.jpg
images.1plus1.video/playlist-1/145042/ 72 KB
72 KB 745ms
743ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/145042/8789930c322a5a2de04ad202edee81be.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 18 Jan 2022 14:41:33 GMT
server: nginx
etag: "6fe6cd0165380ba7809f27a4e2029504"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 73347
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 5dc777c6a08b8536906fff608805f4ad.490x300.jpg
images.1plus1.video/playlist-1/70286/ 100 KB
100 KB 745ms
743ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/70286/5dc777c6a08b8536906fff608805f4ad.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 16 Jun 2021 15:26:13 GMT
server: nginx
etag: "61a7a9a574200a699aba40246cff75f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101953
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 73f64084c4b6012843a0ad4a723ab950.490x300.jpg
images.1plus1.video/playlist-1/93757/ 84 KB
84 KB 564ms
562ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93757/73f64084c4b6012843a0ad4a723ab950.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 22 Jun 2021 07:50:02 GMT
server: nginx
etag: "3fcbb749663669f24ae1bf6426c6776a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
images.1plus1.video/playlist-1/4844/ 97 KB
97 KB 658ms
656ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "a8a6b117d153ff197675175afd73848d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 99044
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
images.1plus1.video/playlist-1/5252/ 161 KB
161 KB 743ms
740ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Fri, 18 Jun 2021 07:37:16 GMT
server: nginx
etag: "f3aeeec15e404524760bdf792fd61b50"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 164699
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ 59 KB
60 KB 574ms
572ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ 32 KB
32 KB 746ms
743ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
images.1plus1.video/playlist-1/4844/ 68 KB
68 KB 745ms
743ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "af334573b8e9890738512cd9a210350e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 69740
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 5ee354d25b6e1328f52453b530bd859f.220x330.jpg
images.1plus1.video/playlist-1/46546/ 18 KB
19 KB 576ms
573ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46546/5ee354d25b6e1328f52453b530bd859f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 23 Feb 2022 11:06:28 GMT
server: nginx
etag: "7037a4d516fbc5445a7d1a251f1a5c6f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18756
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ 86 KB
87 KB 745ms
743ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H/1.1 200
OK footer-email.png
2plus2.ua/img/ 774 B
1 KB 169ms
84ms Image
image/png 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/footer-email.png
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 774
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK ads.js Show response
2plus2.ua/js/ 19 B
351 B 167ms
85ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/ads.js?id=fb4f4a7ed8a8020a4ad9
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
2plus2.ua/js/vendor/ 85 KB
35 KB 174ms
173ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery-3.2.1.min.js?id=c9f5aeeca3ad37bf2aa0
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
2plus2.ua/js/vendor/ 42 KB
13 KB 86ms
86ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/owl.carousel.min.js?id=b7b9c97cd68ec336d01a
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
2plus2.ua/js/vendor/ 3 KB
2 KB 109ms
99ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mousewheel.min.js?id=d5843dbdc71ff8014a5e
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK jquery.mCustomScrollbar.concat.min.js Show response
2plus2.ua/js/vendor/ 44 KB
15 KB 170ms
86ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mCustomScrollbar.concat.min.js?id=42a368e95b4a38989c89
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H/1.1 200
OK app.js Show response
2plus2.ua/js/ 20 KB
8 KB 208ms
99ms Script
application/javascript 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/app.js?id=8e88380a7f509a69a305
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 12:23:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 10 May 2022 09:32:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 181ms
65ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:20:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Apr 2022 09:32:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Apr 2022 09:32:04 GMT

GET
H2 200 hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458601/ 374 KB
111 KB 363ms
216ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 26 Apr 2022 08:58:07 GMT
server: cloudflare
etag: W/"6267b41f-5d9c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si0X8OkbFcNoEd%2BEUSMTgpdvVxqhpBqUcNNAeOR1YOhsuH%2BCvNhTUNyYIOVVTsKMU5t27k4kEDV6Pc1wkpJevPwgmM3St8rpAFv1WtAqNZArq2L2DX59e%2FXl5DWZ7r5gGlkcAywKO%2F80DljrNT7oZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 701e4f23afd28e1e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 26 Apr 2022 09:47:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 217ms
70ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

76554d6b4c1fab49466d2fcbb7b3a5c9186964de360b2cac5be97f307ce4aa18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28657
x-xss-protection: 0
server: sffe
etag: "1197 / 660 of 1000 / last-modified: 1650962599"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H2 200 wrapper_hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458601/ 787 B
1 KB 142ms
57ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458601/wrapper_hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 08:58:07 GMT
server: cloudflare
etag: W/"6267b41f-313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eMQim9a4pMUVlxSL8kDoZXwJ1y9tnxUE7c50HVQLuCOiUcdL6nl%2Fui1GWny9XN6I8uXwDz1XV68PKL%2FYNqh4ddPP%2B3jKAKVmu9CU%2BuVrZwH8XKz55hSTPQz4f9yAF1o7bGWncFE%2B%2F267%2Fzl5%2BXqOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 701e4f23afd48e1e-LHR
expires: Tue, 26 Apr 2022 09:36:09 GMT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 520ms
168ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 03 Jul 2017 15:36:13 GMT
server: nginx
etag: W/"595a646d-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
60 KB 387ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1cc38116e095a9f6be2ae98a439d78dae4ce2b3022905e8de4efb68b8276a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61065
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 393ms
81ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Tue, 26 Apr 2022 21:32:05 GMT

GET
H/1.1 200
OK api.gpt.js Show response
api.1plus1.video/static/js/ 12 KB
5 KB 480ms
84ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.gpt.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 13:10:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:31:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 251ms
134ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 557067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:47:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 172ms
56ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 557217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:07 GMT

GET
H/1.1 200
OK 12XPPTDu Show response
1plus1.video/video/embed/ Frame 997D 10 KB
5 KB 393ms
109ms Document
text/html 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: d743cdeee5728b718b26ceffe8d06a4c8ff466355472b8596d087d53faca9476

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Apr 2022 09:32:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 385ms
77ms Script
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK pattern.jpg
2plus2.ua/img/ 1 KB
2 KB 86ms
84ms Image
image/jpeg 195.137.240.102
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/pattern.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Last-Modified: Wed, 10 Oct 2018 15:20:08 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1355
Expires: Tue, 10 May 2022 09:32:05 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ 512 KB
512 KB 574ms
572ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires: Tue, 03 May 2022 09:32:05 GMT

GET
H2 200 hbw_master_298309_11708.js Show response
player.adtelligent.com/prebidlink/458601/ 138 KB
30 KB 324ms
113ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/wrapper_hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a5314559b244ee1d149577a0cd38e949afd8c05891ac9ff066c05916ce7699f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 08:58:07 GMT
server: nginx
etag: W/"6267b41f-227a1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 09:32:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 pubads_impl_2022042101.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 54ms
54ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126124
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 08:41:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 09:09:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
108 B 173ms
63ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 997D 171 KB
26 KB 167ms
167ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:05:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:31:09 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 997D 198 KB
69 KB 335ms
166ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:31:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 997D 98 KB
38 KB 161ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17c04cf3cf749a7a7ba318bac9fc00761437f300c6ebbb51c04592f594519c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38770
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H2 200 vunit.min.js Show response
a4p.adpartner.pro/apstc/ 48 KB
12 KB 149ms
148ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-c158"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame C7CB 0
0 440ms
439ms Document
text/plain 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Tue, 26 Apr 2022 09:32:05 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame 1E9D 5 KB
2 KB 141ms
141ms Document
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: baaffe9baa5494d0e6b005406165365e99725133e7a1ea1d0292f57dc5be3179

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 26 Apr 2022 09:32:05 GMT
server: nginx

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 78ms
78ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=2plus2.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e09d7953d3c71ea19fce955fe5303047363350fb29f62d247a4fb2537dbc941d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Thu, 26 May 2022 09:32:05 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame DCB0 5 KB
3 KB 243ms
77ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: c47d7a35c17ba5d48070458f909e0da78f86f76ae8a6039a0ebdc4c22318b6eb

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:05 GMT
etag: PRIVATE7520710249
expires: Thu, 26 May 2022 09:32:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 171ms
57ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 71490518b000d62ca2e2d64cce8707a7fb90776da874eb02eed12e40f3350cc3

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 00:03:03 GMT
server: nginx
etag: W/"626493b7-114e"
content-type: application/json
access-control-allow-origin: https://2plus2.ua
expires: Thu, 28 Apr 2022 09:32:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 119 B
361 B 685ms
112ms XHR
application/json 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: 65433b0e22ec641f96ad08e8d70ceec34168321e0994762914d110ce913718f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 26 Apr 2022 09:32:05 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 119
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
403 B 684ms
112ms XHR
image/gif 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=11708&full_page_url=https%3A%2F%2F2plus2.ua%2F&adid=fy8we4.1d&features=16416&vpbv=N058&lifecycle_tte=1955
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 26 Apr 2022 09:32:05 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 214ms
105ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38226ef4c4f4558c9b3f34d86b4325786d4d27ab4ac9d95616e628ab0e52521d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67811
x-xss-protection: 0
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 179ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4494
date: Tue, 26 Apr 2022 08:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Apr 2022 10:17:11 GMT

GET
H2

200

960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

53 KB
17 KB

113ms
113ms

Script
application/javascript

23.111.9.38
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 23.111.9.38 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 09:09:45 GMT
server: NetDNA-cache/2.2
etag: W/"65602a38164fd81:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
date: Tue, 26 Apr 2022 09:32:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 410 3674.js
script.crazyegg.com/pages/scripts/0068/ 0
0 191ms
73ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/3674.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 13:36:34 GMT
server: cloudflare
age: 71731
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 701e4f278bd7752d-LHR
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 177ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: HF5mDPz30ZuxM0O+lSMiY13mD05dzBKCdG1GCHl9RDXhVn7R/zjxSwNJM8T5PzpXNroQZfFgUDla/W1dFaPCHQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 26 Apr 2022 09:32:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 al26fychxj Show response
www.clarity.ms/tag/ 1 KB
1 KB 425ms
220ms Script
application/x-javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/al26fychxj
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e22f124c889c38ab588d30d0c68d32a4c65cb8e0bddaa81ce011e7c53ac411bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
x-powered-by: ASP.NET
x-azure-ref: 0FbxnYgAAAAAZB7qe8yu+QK34taw+hkInQVRIMDFFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 88ms
88ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&idsite=6&rec=1&r=590947&h=9&m=32&s=5&url=https%3A%2F%2F2plus2.ua%2F&_id=05650d03634247ce&_idts=1650965526&_idvc=1&_idn=0&_refts=0&_viewts=1650965526&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=327

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1E9D 49 KB
20 KB 123ms
109ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4494
date: Tue, 26 Apr 2022 08:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Apr 2022 10:17:11 GMT

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame 1E9D 3 KB
1 KB 81ms
78ms XHR
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 1513d4318a1dd86dc18b04a7c79d4881f71be210132625d7dbff1ebad0ea5b5c

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H3 200 450887889857312 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 238ms
173ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450887889857312?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IFq1NqkVQLZAOiSsUR5XUm+76ZOCHGaD4ZtJJKJA+m0pE9RpmYDe/iCeeZy9SFXlV+3s73CaVHLihU0L2i2KmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 26 Apr 2022 09:32:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650965525984
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 174ms
62ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=751794705&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1410361638&gjid=1393738071&cid=1097530106.1650965526&tid=UA-3838466-26&_gid=1694986559.1650965526&_r=1&gtm=2wg4k0W2BBRKX&z=1998725557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 167ms
62ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=751794705&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=506893001&gjid=955144146&cid=1097530106.1650965526&tid=UA-113262294-1&_gid=1694986559.1650965526&_r=1&gtm=2wg4k0W2BBRKX&z=1163221689

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 997D 898 B
2 KB 101ms
100ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650965525814
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 973d6e263b708df291263bd059652e4716d9ad4bf51da9a87f26c3e4a5d7e4a0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 997D 118 KB
44 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

972488e1cac62fa8e5f2fbdd3714a2fbdfee7a5f8a817331be2ba3a95e4bb0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44668
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Apr 2022 09:32:05 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 997D 49 KB
20 KB 93ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4494
date: Tue, 26 Apr 2022 08:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Apr 2022 10:17:11 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 97ms
77ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KRRGZR24WG&gtm=2oe4k0&_p=751794705&_z=ccd.NbB&cid=1097530106.1650965526&ul=en-us&sr=1600x1200&_s=1&sid=1650965525&sct=1&seg=0&dl=https%3A%2F%2F2plus2.ua%2F&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 73ms
73ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.3794824932799512
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: b27bc4768c4299babb24e9953b06abb109dd75b5ee23d8aec2ae96d821363aa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:05 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame C08A 0
139 B 73ms
73ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25220bd1f457-d36b-4630-87bc-e02d7106f2e1%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 26 Apr 2022 09:32:05 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1650965525921/
Redirect Chain

https://gaua.hit.gemius.pl/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2...
https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.u...

169 B
470 B

141ms
141ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 74629f7d3f6367a7fcec7e541f25fbec57fba2552fa7d41ed7f6b7af9e0849e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 25 Apr 2022 09:32:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 25 Apr 2022 09:32:05 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 997D 108 KB
33 KB 171ms
170ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650965525814
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:58:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:30:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 174ms
56ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&gjid=1393738071&_gid=1694986559.1650965526&_u=YEBAAAAAAAAAAC~&z=898602853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Apr 2022 09:32:06 GMT
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 jsunit Show response
a4p.adpartner.pro/ 23 KB
6 KB 391ms
390ms XHR
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=7803&unit_id=7803&shown=&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&ref=&reload_count=0&banner_num=1650965525936096232&is_in_viewport=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.3794824932799512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 2cec75957c7622402fd8427afd02bd2249b749678a35f052774fbee3842795a5

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.34/ 53 KB
23 KB 496ms
129ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/al26fychxj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: br
etag: "1d855ec0f04ce54"
last-modified: Fri, 22 Apr 2022 01:55:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 997D 56 KB
9 KB 86ms
86ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1033400193566
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:32:06 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 997D 925 B
998 B 293ms
64ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Tue, 26 Apr 2022 09:32:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 243ms
54ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450887889857312&ev=PageView&dl=https%3A%2F%2F2plus2.ua%2F&rl=&if=false&ts=1650965526154&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650965526153.668903437&it=1650965525773&coo=false&exp=p1&rqm=GET

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 26 Apr 2022 09:32:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 264ms
79ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&_u=YEBAAAAAAAAAAC~&z=1339365714

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 267ms
78ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&_u=YEBAAAAAAAAAAC~&z=1339365714

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 997D 5 KB
665 B 177ms
64ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1033400193566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:16:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Apr 2022 09:32:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Apr 2022 09:32:06 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 200 i Show response
ads.adnuntius.delivery/ 4 KB
2 KB 211ms
99ms XHR
application/json 2606:4700:3030::6815:5525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04beacc279624ccef5244d9419e8733b4b3e44357844d7bf4a0cb58c795e5f7e

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: a205164bc30f6e1026e9023bf0b9f0dd
x-adn-backend-server-id: fcb8edb3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Db88ZMEG%2FA4tVZj3pxsQZ5T9eTstD%2F5SD1Yg6HFZs5o6TK04yJ8K5uao3r7%2BMKIr2SrJF1Lh%2Bi9b1Had02390MXXNds9Hn4Dyrl5ob91Evzk%2FxDNGKjd%2FN06MRRAguzgzowrTkDOqBWOmOdoxDjmQ%2Fubu8hP"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://2plus2.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 701e4f2bcdd65476-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
499 B 174ms
56ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET arj
adtelligent-d.openx.net/w/1.0/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 199ms
63ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=65916327169

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://2plus2.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 198ms
66ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://2plus2.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
661 B 184ms
184ms XHR
application/json 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: 86bd644fe7df3d8a25c96f0390d85fcbbe612c1a5c9d12165b3bdf6991ec47a4

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 380

POST /
ghb1.adtelligent.com/v2/auction/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 159ms
53ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:06 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
250 B 73ms
73ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8047&sizes=1440x180&referer=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2...
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2...

433 B
844 B

51ms
51ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ab57099a74901db82b48617000c501bfcbad9d03dc660be639b3fb124ae374f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://2plus2.ua
expires: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 433
x-sid: AMS-744

Redirect headers

date: Tue, 26 Apr 2022 09:32:06 GMT
server: openresty
access-control-allow-origin: https://2plus2.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-744

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 302 B
504 B 156ms
112ms XHR
application/json 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=648466&aid2=648467&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 223

GET
H/1.1 200
OK 1px-matching-adpartner.gif
t.trafmag.com/images/ 35 B
351 B 264ms
59ms Image
image/gif 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/1px-matching-adpartner.gif?id=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 uid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
s.uuidksinc.net/match/798/ 74 B
242 B 255ms
52ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/798/uid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2 200 0bd1f457-d36b-4630-87bc-e02d7106f2e1
go.rcvlink.com/mtch/31/ 43 B
110 B 265ms
60ms Image
image/gif 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/mtch/31/0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

hn: b25
date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
content-type: image/gif

GET
H2 200 pix
dsp-trk.eskimi.com/ 43 B
256 B 265ms
62ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/pix?e=24&exuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

adpdigital
px.adhigh.net/p/cm/
Redirect Chain

https://px.adhigh.net/p/cm/adpdigital
https://px.adhigh.net/p/cm/adpdigital?bounced=1

49 B
326 B

136ms
136ms

Image
image/gif

193.232.150.61
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 193.232.150.61 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp21.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
x-backend-id: f21-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f21-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ 0
239 B 264ms
59ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=177&vid=0bd1f457-d36b-4630-87bc-e02d7106f2e1

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 526
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ 0
110 B 299ms
99ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=adpartner&id=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 26 Apr 2022 09:32:06 GMT
Server: nginx/1.18.0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
https://acint.net/rmatch?dp=14&euid=0100007F18BC67624000572602A347B5&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506

43 B
454 B

72ms
72ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
last-modified: Tue, 26 Apr 2022 09:32:08 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date: Tue, 26 Apr 2022 09:32:08 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
https://acint.net/rmatch?dp=14&euid=0100007F18BC67623D002E2602523694&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506

43 B
454 B

73ms
72ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
last-modified: Tue, 26 Apr 2022 09:32:08 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date: Tue, 26 Apr 2022 09:32:08 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f

43 B
457 B

71ms
71ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Tue, 26 Apr 2022 09:32:07 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f

43 B
457 B

72ms
72ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Tue, 26 Apr 2022 09:32:07 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf

43 B
457 B

72ms
72ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
last-modified: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1

43 B
457 B

76ms
75ms

Image
image/gif

54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:06 GMT
last-modified: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
date: Tue, 26 Apr 2022 09:32:06 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

43 B
463 B

57ms
55ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: no-store no-transform
server: nginx
content-length: 146
content-type: text/html; charset=utf-8

GET
H2 200 625044d428d11t1649427668r812.jpg
i.cdnkimg.com/image/banner/2537/537/ Frame C087 96 KB
96 KB 258ms
56ms Image
image/jpeg 45.133.44.36
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/image/banner/2537/537/625044d428d11t1649427668r812.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.36 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: cc200db20b472f3fbff4925ed24a4bc198ba443ae2be35db1b15d69bde5a400f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
last-modified: Fri, 08 Apr 2022 14:21:08 GMT
server: nginx/1.19.0
etag: "625044d4-17eef"
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 10 May 2022 09:32:06 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 98031
x-proxy-cache: HIT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 858B 0
139 B 72ms
72ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 26 Apr 2022 09:32:06 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 997D 395 KB
147 KB 245ms
56ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150075
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 17:42:33 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1

0
407 B

686ms
113ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Server: VertaMedia 1.0
Etag: 1196309b3e816481
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
date: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 402ms
131ms Image
text/plain 3.223.60.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1650965526429&eid=767afd1ab9f4202
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.60.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-60-98.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 223ms
62ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 224ms
63ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 233 KB
56 KB 489ms
488ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2493387618843531&correlator=1434928771658312&eid=31067241%2C31064225%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042101&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2CBranding%2C2plus2_300x250%2C2plus2_300x600_2%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=2000x1300%2C300x250%2C300x600%2C1440x180&ifi=1&adks=3753537382%2C3937908213%2C3276604062%2C2435792799&sfv=1-0-38&ecs=20220426&fsapi=false&prev_scp=Project_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650965526446&lmt=1650965526&dlt=1650965524356&idt=1032&biw=1600&bih=1200&adxs=-200%2C992%2C1015%2C-12245933&adys=50%2C645%2C1025%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2F2plus2.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=2000x-1%7C300x250%7C300x600%7C1600x-1&msz=2000x-1%7C300x0%7C300x0%7C0x-1&fws=516%2C4%2C4%2C644&ohw=1600%2C300%2C300%2C1600&ga_vid=1097530106.1650965526&ga_sid=1650965526&ga_hid=751794705&ga_fc=true&btvi=0%7C0%7C0%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4ad75e03b778cdde0407c388fd4606a531c03d8a7115ba26c36ddfaa0b80a2c5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLJ--21sfcCFQendwodBU8GWQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14495005349147051939/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLJ--21sfcCFQendwodBU8GWQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14495005349147051939/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -2,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56907
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Tue, 26 Apr 2022 09:32:06 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://2plus2.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E952 6 KB
4 KB 223ms
64ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:06 GMT
expires: Wed, 26 Apr 2023 09:32:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 166ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Apr 2022 09:32:06 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 80ms
79ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.gpt.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Tue, 26 Apr 2022 21:32:06 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F5B5 0
18 B 117ms
57ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://2plus2.ua
Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://2plus2.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:06 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect Show response
d.clarity.ms/ 0
65 B 389ms
388ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 997D 153 KB
53 KB 83ms
83ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 13:06:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:31:53 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 185ms
64ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Apr 2022 09:32:07 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ Frame 997D 512 KB
512 KB 214ms
214ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
DATA 200
OK truncated
/ Frame 997D 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 997D 24 KB
24 KB 206ms
94ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 557070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:47:37 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 997D 44 KB
44 KB 225ms
115ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 557220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:07 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 997D 22 KB
6 KB 80ms
79ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Tue, 26 Apr 2022 21:32:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame B45C 222 KB
62 KB 233ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C 16 KB
6 KB 381ms
203ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C 96 KB
29 KB 382ms
204ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C 5 KB
2 KB 397ms
219ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C 42 KB
13 KB 397ms
220ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
DATA 200
OK truncated
/ Frame B45C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9fd8cf5de47bf7b6f2160006e2a30f43a2a6437ff93444e6ca9c732f544a6ff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 18ED 222 KB
61 KB 285ms
116ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED 16 KB
6 KB 221ms
220ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED 96 KB
29 KB 223ms
222ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED 5 KB
2 KB 234ms
233ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED 42 KB
13 KB 235ms
234ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 342049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 18ED 6 KB
669 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:53:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Apr 2022 09:32:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Apr 2022 09:32:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 18ED 4 KB
618 B 65ms
65ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:17:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Apr 2022 09:32:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Apr 2022 09:32:07 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B45C 37 KB
37 KB 185ms
55ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTlghUfl_cRx7LXnmevCn225HG20nXNP_Y8AnTjrZDOoC_7Uu8lhMNcwg05ug&usqp=CAI

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612999f15d4c68749d64849c8fde74ed475f57a9696bb8de13a537af5c7b3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 05:24:07 GMT
x-content-type-options: nosniff
age: 14880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37724
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 23:20:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 26 Apr 2023 05:24:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B45C 0
0 101ms
100ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdoO_FrxnYsDmIIfO3gOFnpnIBZei_N5p9pOz_O8O0-D1p8EqEAEg_f-FI2CVopKCoAegAfG1uKECyAEGqQIvPeS4UgGyPuACAKgDAcgDCqoElgJP0MDrfj_08Ut5VLaeclw_BE8JxR5UzaX1eYllHt9G7yZxd5LowZ9m0kQVBUkWN2NqUeG3Ii6cly4UBX62ykXL5yDqM84k3rMauxCH8EC3rz_lZbY0hzWLuMZegkEA_wJI5131qxyr2iDnpWpYQHqtyRwVXbi5e6q_P4_qUoyjAQoAbcY6VE7vNfVtUmwPXMD20DuFOJ_1v2dZdYnnsBzaREBp61LYoAywkCWAJkTKo-pNFuysO8Wr4jjyjeWKm9cYgGqGa0Ql51P5KYWc4p2h4ZNWREx_BuTQDtAxkhMPIgKY8DiEnDpqb73_9hZDVEaLMGm-Wk-8tVhT8X19O_5n3iyPrnaF1FjoLzJGM7kXCeM_NJsRGMAE7ffVw-ID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_fJx94BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEOXjDdIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=HfGUKOMlPu4&uach_m=[UACH]&template_id=493
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B45C 3 KB
3 KB 180ms
56ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:05:03 GMT
x-content-type-options: nosniff
server: cafe
age: 80824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 26 Apr 2022 11:05:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B45C 344 B
806 B 178ms
54ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 9953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 06:46:14 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 18ED 20 KB
21 KB 196ms
54ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQq2iCR0qZ-KciQ2PuUcHJaW9OJoPSnUtD7gWtvIqFf7XeJorFDx-VI3-pNng&usqp=CAI

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ce00474eccffb0b1082392a553aebc5279bafc53137b9affe3be3a507e7197c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 09:45:38 GMT
x-content-type-options: nosniff
age: 258389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20382
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 11:28:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 23 Apr 2023 09:45:38 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 18ED 1 KB
1 KB 131ms
55ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 09:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Apr 2023 09:36:21 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 18ED 0
0 101ms
101ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTendFrxnYsHmIIfO3gOFnpnIBarW6-NpxozdidgPnMXI0IMwEAEg_f-FI2CVopKCoAegAYyhifECyAEGqQId1IFuCCtyPuACAKgDAcgDCqoEhAJP0JNenYcwS5o3lAPL4_gBkVJrS6Lo4A7wT7BV0tJ6492PzJ3CnmsipGAM8QWeCQwmc1ynAcM9U1CUfJ72SLxfNisdAX5dXSvx-fVbRKIVZ53k9YAVE5jLRFx5SRETv4wgIlMWlJdHm_MgtHJSKMmLgsOvMc6CiXaQQS0N4xQbzszaAoQZVm9vEuirerhrC0rMVqiF52XQ2HzkdLja3N7B7C-oSMudS1xlmEW3HeR1fV0J0kC08_V2oyekYHt8sNFijf40orF6ACpYGS0PVTCmx_t84lKMLD7mLGl0OMp2IgxN_uEfWhN_XFuzKRDrjw-hvnh9VWpHEy1sZDgn-dFcQ140fMAEx_-T6YcE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB6uU4aUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEI6nG9IICQiI4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=moFH5oocQ5w&uach_m=[UACH]&template_id=493
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 18ED 0
0 174ms
61ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRO2uLh61M-EUVJYlQ3k-RhoWt8CZk8Z5bwM0H3KnGuijdEA3i_Gr6Sb5NrCu3FQgR_0K5lkdAAdC-I8T9jP_0QnYGgGQ
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18ED 3 KB
3 KB 133ms
59ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:05:03 GMT
x-content-type-options: nosniff
server: cafe
age: 80824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 26 Apr 2022 11:05:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18ED 344 B
402 B 128ms
54ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 9953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 06:46:14 GMT

GET
H/1.1 200
OK 4844 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 997D 5 KB
2 KB 119ms
119ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/4844?cid=12XPPTDu&vct=3&_t666237147123
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 26b24e45de221324896ebf42fc5982d8387c8672aace4eee6ac923b21fb2cac7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 09:32:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 container.html Show response
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE12 6 KB
3 KB 163ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:06 GMT
expires: Wed, 26 Apr 2023 09:32:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 997D 41 KB
11 KB 78ms
78ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11182
expires: Tue, 26 Apr 2022 21:32:07 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 997D 33 KB
13 KB 162ms
85ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 09:32:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 26 May 2022 09:30:37 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 997D 376 KB
126 KB 210ms
65ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128368
x-xss-protection: 0
expires: Tue, 26 Apr 2022 09:32:07 GMT

GET
DATA 200
OK truncated
/ Frame 18ED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f820412f4f7f54413ebc4709e5cf4794d068d45004692771fb7b8823cc117a3c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED 9 KB
9 KB 141ms
138ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:29:47 GMT
x-content-type-options: nosniff
age: 352940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Apr 2023 07:29:47 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED 16 KB
16 KB 57ms
54ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 588606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 14:02:01 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED 15 KB
15 KB 78ms
75ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 373546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=751794705&t=event&ni=1&_s=2&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1tr9yiw&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=1097530106.1650965526&tid=UA-3838466-26&_gid=1694986559.1650965526&gtm=2wg4k0W2BBRKX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fal26fychxj%2Fzpa4yx%2F1tr9yiw&z=1554127011

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 15:30:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ Frame 997D 86 KB
87 KB 1534ms
1534ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ Frame 997D 59 KB
60 KB 1080ms
1079ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ Frame 997D 32 KB
32 KB 1203ms
1203ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41551/ Frame 997D 9 KB
9 KB 1036ms
1035ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41551/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:17:24 GMT
server: nginx
etag: "c6748e2cfd7e4055f74da8f1ff19ffa4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8833
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/9960/ Frame 997D 14 KB
14 KB 1368ms
1365ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/9960/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:02:02 GMT
server: nginx
etag: "d341bae25e9d8c82ed89d493016581f7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14487
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/44376/ Frame 997D 14 KB
14 KB 1200ms
1196ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/44376/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:18:50 GMT
server: nginx
etag: "396db528b829a5251e8fc08d8ff63368"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14386
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/48/ Frame 997D 12 KB
12 KB 1367ms
1363ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/48/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 06:54:58 GMT
server: nginx
etag: "2fc219c3f164ac38c04373b9337a23ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11853
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 6377a284bdacb578df4878bc8331958f.220x330.jpg
images.1plus1.video/playlist-1/7444/ Frame 997D 42 KB
43 KB 1410ms
1405ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7444/6377a284bdacb578df4878bc8331958f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 26 Aug 2020 15:52:34 GMT
server: nginx
etag: "ffb806c41dc466bdf688de555519a6ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43433
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
images.1plus1.video/playlist-1/103957/ Frame 997D 74 KB
74 KB 1200ms
1196ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/103957/55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 03 Feb 2021 13:04:39 GMT
server: nginx
etag: "f6b24d693a392d33eccdd561badd41d4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 75576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/46079/ Frame 997D 16 KB
17 KB 1367ms
1362ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46079/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:19:12 GMT
server: nginx
etag: "49f87d8676cf58992125d43f8dfe90bd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16618
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41106/ Frame 997D 13 KB
14 KB 1975ms
1970ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41106/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:17:14 GMT
server: nginx
etag: "0320d58c71f341a6792beac800431198"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13823
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
images.1plus1.video/playlist-1/7442/ Frame 997D 53 KB
53 KB 1862ms
1858ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7442/c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 23 Oct 2019 08:24:22 GMT
server: nginx
etag: "05c80966c5cb92f8fc27ec548a7ea448"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 54238
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
images.1plus1.video/playlist-1/126226/ Frame 997D 47 KB
47 KB 1779ms
1776ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/126226/56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Tue, 09 Mar 2021 11:43:06 GMT
server: nginx
etag: "63d497ab8c8f34bcf71c318a6f3101bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 48068
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 1757fcb6a34daa11f893254fee0138b4.220x330.jpg
images.1plus1.video/playlist-1/7446/ Frame 997D 42 KB
43 KB 1614ms
1610ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7446/1757fcb6a34daa11f893254fee0138b4.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 26 Aug 2020 15:50:23 GMT
server: nginx
etag: "f2333e2ee23e5c2e678d7020c404c167"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43372
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
images.1plus1.video/playlist-1/7441/ Frame 997D 43 KB
43 KB 1944ms
1941ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7441/59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Wed, 26 Aug 2020 15:55:10 GMT
server: nginx
etag: "2a81b5e2906718ff87f0cab7caa5818e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 44174
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/10772/ Frame 997D 14 KB
14 KB 1777ms
1774ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/10772/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 27 Oct 2017 07:02:21 GMT
server: nginx
etag: "26ad09546b4e87969d932db4f3ddc063"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13879
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 228b454045e09c310f5527498a6a5ce1.220x330.jpg
images.1plus1.video/playlist-1/120214/ Frame 997D 81 KB
82 KB 1986ms
1983ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/120214/228b454045e09c310f5527498a6a5ce1.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Mon, 08 Nov 2021 14:27:00 GMT
server: nginx
etag: "71bf4a961435d1e5ba11acad363e4916"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 83351
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
images.1plus1.video/playlist-1/659/ Frame 997D 37 KB
38 KB 1695ms
1692ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/659/12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Fri, 26 Jun 2020 10:56:32 GMT
server: nginx
etag: "e245ad3d562db3f3947df4042e215baa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38340
accept-ranges: bytes
x-1p1-cdn: BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires: Tue, 03 May 2022 09:32:07 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 997D 281 B
353 B 78ms
77ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 59b6c9f2c6971abbcad2e331ab235df6fd62693258bad4c25d5b5396c6c7cd9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Thu, 26 May 2022 09:32:07 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame C369 5 KB
3 KB 77ms
77ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 0b016144dd49628a11a5593d42bd4e909e6151a940fb035474dcac20557e1a90

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:07 GMT
etag: PRIVATE7520710249
expires: Thu, 26 May 2022 09:32:07 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/ Frame DFCB 12 KB
3 KB 169ms
58ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0117e5b51a0f56d9da8a8677faa0cef607b306784f3334e9a4e003f3171a076

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 170481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3315
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 10:10:46 GMT
expires: Mon, 24 Apr 2023 10:10:46 GMT
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2DD5 0
0 97ms
96ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvcT7FrxnYsLmIIfO3gOFnpnIBczb0-hpwpivrKoOrgIQASD9_4UjYJWikoKgB6AB0Maj4QPIAQmpAqjT39Urs3s-4AIAqAMByANIqgSYAk_Q6TPPNZHkWVlv-3bzjvxEKj4tt5nEECmyALw6GAiXT0tLPbsBBtpYLT8se8QUYXcdwWOo_1J04VaBjMMoNzObmnAWX_tQsQY0g5JfS2wvyw-LEgzP4FOMNNHKtFj7RGL7gZIICWv0KkusEY7uXCvDCLa5XjkNAbvVv5k6x-GBiavGHktZJNBQ0oZcUmPgwPDyELE3zpQeYOekLFlHfzhKtoav7Dd7nNQ1Grkh8xavSuo8krsOK-RAzpKYZOqqxBHkznpG-I0mVXwAb1WTcG7g5XF7AH4mFEtMuejsP_ZF4C6brOsL-RZ7KybOkZ7DYMCdcvxbSLb3AV-mnYwDcOgM3mPpEYNB6Xz6mnmbayL9CLNARR6n51TABN-X4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYugAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQkvaUAdIICQiI4YAQEAEYHYAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=a8EO7sPIsNI&uach_m=[UACH]&template_id=419
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/ Frame 2DD5 19 KB
8 KB 170ms
61ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/abg_lite_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 09:21:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 2DD5 3 KB
1 KB 183ms
74ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 09:29:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DD5 119 KB
37 KB 201ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Apr 2022 09:32:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 2DD5 15 KB
6 KB 161ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 09:26:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2DD5 0
0 62ms
62ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAC7-EeAIPczGVneB2icrOGpy51n2BkkezZpVo5R-t-9yibMlaM_t0eOMmctiidbXOM6HSas_K3jDI6_1URf6RUCqGqQ
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1650965527368/ Frame 997D 2 B
200 B 79ms
77ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1650965527368/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1650965527507%7C_SP%3D12XPPTDu%7C_SPD%3D2plus2.ua%7C_SPV%3D100%7C_SPR%3D655x370%7C_SC%3D12XPPTDu%7CcurrentDomain%3D2plus2.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D4844%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D655x370%7C_SCT%3DChomu%20ne%20varto%20vikladati%20fotografiyi%20ukrayinskoyi%20tehniki%20ta%20vijskovih%20v%20internet%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DNWS_2P2%7C_SCD%3D210%7C_SCTE%3DVideo%7C_SCPD%3D20220223%7C_SCTY%3D12%2F00%7CcontentType%3Dnegative%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2F12XPPTDu%3Fautoplay%3D0%26l%3Dua%26logo%3Dplus2&ref=https%3A%2F%2F2plus2.ua%2F&screen=1600x1200r1000&col=24&window=655x370&ltime=129&lsdata=Loew1hxEeGH_n4yAnjCZLrQ1MIqjR48Inn5_SdtmqOT.S7eBTYs1x7Fi1ycQATB0xJMHFgTFX.hv3Lo.GGic7Ek8KpF8/BaATO3Oc1DcpJ/&fpdata=-TURNEDOFF&vis=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:07 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Mon, 25 Apr 2022 09:32:07 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B45C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

126ms
126ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 26 Apr 2022 09:32:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 18ED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

167ms
167ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 26 Apr 2022 09:32:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DFCB 9 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 26 Apr 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DFCB 26 KB
10 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 26 Apr 2022 16:13:39 GMT

GET
H3 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/ Frame DFCB 69 KB
18 KB 58ms
58ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 407565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Thu, 21 Apr 2022 16:19:22 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 16:19:22 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
197 B 225ms
224ms XHR
text/plain 209.205.201.34
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-34-201-205-209.24shells.net
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 26 Apr 2022 09:32:07 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 bridge3.512.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame CBFC 631 KB
205 KB 164ms
55ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 480777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209646
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:59:10 GMT
expires: Thu, 20 Apr 2023 19:59:10 GMT
last-modified: Wed, 20 Apr 2022 19:54:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 997D 44 KB
17 KB 205ms
77ms Script
text/javascript 2a00:1450:400e:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Apr 2022 09:32:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 997D 107 B
122 B 176ms
65ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Apr 2022 09:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03F6 143 B
245 B 54ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
URL: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 09:06:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 161D 37 KB
13 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 08:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 26 Apr 2022 09:34:23 GMT

GET
DATA 200
OK truncated
/ Frame 2DD5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff010926c781963aa59329983e6b4a7d4108151db014b34539fdc7e95434b44

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 93e3ffb0e5b6fdce462eba20f114fad0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 56 KB
56 KB 69ms
68ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/93e3ffb0e5b6fdce462eba20f114fad0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bf56ea6f8351f43256926aca4e9fde6c2b6611d2d0a2e8b502333e9675529f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 568305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57070
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 19 Apr 2022 19:40:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 19:40:22 GMT

GET
H3 200 eadbb2c04084f27a632db891e2f0bb52.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 49 KB
49 KB 72ms
70ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/eadbb2c04084f27a632db891e2f0bb52.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbcf722da0e822fa4b7af6e0f9f5abd5b5027c8a7ce366fee906eb84a6ec8bfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 568305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49883
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 19 Apr 2022 19:40:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 19:40:22 GMT

GET
H3 200 e81dd9b29adfa0844421d6261616836d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 3 KB
3 KB 109ms
107ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/e81dd9b29adfa0844421d6261616836d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353a5e4a7611107a43e8489d208bbb4866ffa68d95da0928af78a3dd7cf1bf93

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 430452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3108
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Thu, 21 Apr 2022 09:57:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 09:57:55 GMT

GET
H3 200 c40e2a405217449e27199d726bf1d54f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 9 KB
2 KB 91ms
90ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/c40e2a405217449e27199d726bf1d54f.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb2789e08860f01c985cc2d7d6133bcb5820c437bf76f5a82e88b121479b86

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 594676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2016
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 19 Apr 2022 12:20:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 12:20:51 GMT

GET
H3 200 a5ccecbe3fe07ecc3047dbbe39877127.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 9 KB
9 KB 96ms
95ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/a5ccecbe3fe07ecc3047dbbe39877127.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1548772caa46793e03847e6238ecb26258270f399d6103f80ad3d14ebf266d03

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 407565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9036
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Thu, 21 Apr 2022 16:19:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 16:19:22 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03F6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

405ms
103ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
URL: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: Tue, 26 Apr 2022 09:32:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 09:32:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 395ms
394ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 a9dcaf2678123761a5f1cdf22850746c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB 4 KB
1 KB 56ms
55ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/a9dcaf2678123761a5f1cdf22850746c.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b530fdd5766c37515bb33566d4674ae5c5567ed8973d48fd366004c5c212dc70

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 407565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Thu, 21 Apr 2022 16:19:22 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 16:19:22 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 0472 0
139 B 74ms
74ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame ECF1 0
139 B 74ms
74ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame CBFC 753 B
1 KB 113ms
113ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=2plus2.ua&r=YUhSMGNITTZMeTh5Y0d4MWN6SXVkV0V2&w=655&h=370&c=12XPPTDu&d=web&p1v=0&pid=4844
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: dbc5a24f3b39d3bcf13a725f7b352f8ecc7f23672ff9b4832d2dbf4976bf04b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 09:32:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame DFCB 35 KB
13 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 08:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 08:07:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DD5 42 B
64 B 211ms
100ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0LzwD3WOFf0joifZSClvcWOVNeZRrIkReB50vNuao3baKQUVBJ5b1K3n3L8kY3VI1JoraDeJNN3QNTAI9HH_F8KBm_p7mgW8RJUnO8xljQg24br6AKTEq1wvZKbyelx0mCQmoaG3iRFrE&sai=AMfl-YTBjXm1wLAQufWlFO4RgjcxugBK5kMCIq1uxMldbyKRplxHtHIL4mvcX4qvmrR4mR5DppZd38AuYO8_3fauv36cHlWkLLoXzhp9vQ96Jz2A3ejszkkc4L1nf31Fbow&sig=Cg0ArKJSzASTWiNyroPuEAE&id=lidar2&mcvt=1000&p=1020,80,1140,1060&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2435792799&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650965527209&rpt=392&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B45C 42 B
64 B 89ms
89ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQmhfAgPbtkVEnDSlY_NSe_DHkNxGn-s1yItlDRoKwGHYplopzmPJaqkLncXlFnvwzeAdcS2Me0I7YoOwQBxMyIiZeNukr4IEYEbZwg23ZYdCBuqUEeQ&sai=AMfl-YTL9eHjWWWC0J6JVTMQBHXUJh1gQHpiTlUJNk9r8tW0dAItndroyzNVrZYQjLlqK3iL7jKTnHm-UPBiSoZGG6vKHTv0GaZUyBe4wgzeovCeD7j1CBYchg4KZ6xrnR0&sig=Cg0ArKJSzMyHHxShZsrmEAE&id=ampim&o=992,645&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=674&tls=1674&g=99.95833039283752&h=99.95833039283752&tt=1674&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3937908213

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&RedC=c.clarity.ms&MXFR=09785F38D0386A0837E04EAAD4386415
https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E

42 B
368 B

63ms
63ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8556F6916CC34505A8157C0A20E1FA79 Ref B: FRA31EDGE0617 Ref C: 2022-04-26T09:32:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 77ms
76ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f5f2e26f64f54c9515ff82a2b3958ac46c438ebb3f53459a5fcb89cd03d49b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Apr 2022 09:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10780
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DBE3 13 KB
5 KB 176ms
60ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5136
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:08 GMT
server-processing-duration-in-ticks: 2796
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Apr 2022 09:32:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5FC9 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:08:46 GMT
expires: Wed, 26 Apr 2023 09:08:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E92A 783 B
536 B 65ms
65ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bb408a78beb4f02b5289339069a7d8ea6353d26834b5e0259509c8f8d8d75f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5yLWRIuMEBGuHLd5pvDVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-5yLWRIuMEBGuHLd5pvDVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: Tue, 26 Apr 2022 09:32:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame DBE3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2Wn...

417 B
628 B

193ms
62ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6bc87dfab52f0ec81f96fc75f58e5d357898701e94fde529c10de11db7625ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4899
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:08 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1971
content-length: 541
expires: 0

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FC9 35 KB
13 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 20:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 20:02:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E92A 0
0 109ms
109ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042101&jk=2493387618843531&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5FC9 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XIX_Zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 09:32:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 189ms
63ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://2plus2.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1409
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSF...

400 B
652 B

59ms
59ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

773ebb63199b0a3f8eb61439688b29b50516a745d17cb9227ba6b6afa36cdca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3799
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Apr 2022 09:32:09 GMT
location: https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1939
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
527 B 250ms
63ms XHR
application/json 51.89.42.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p27.id5-sync.com

Software

Resource Hash

3125c1ea83824995865371165e5021548dab498db363ada63d5b174d09c990d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Tue, 26 Apr 2022 09:32:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 171ms
58ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 26 Apr 2022 09:32:08 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1286
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042101&jk=2493387618843531&bg=!v7ylvPjNAAYXWUUuN1k7ACkAdvg8WjXE76jO6rjo_XRnUnt5WeDOirQRylpunN0wBV_VqesnH62CnwIAAABxUgAAAANoAQcKAAY3hBgA6J2ZAqezuaWh5x88VYwtdo3vVszCYVmxVUESuqaazvRGOOpdmFnSF0RItUN064VELyz0X-Nk2DKU-cpmhwHLgKBOKE14-_ZfcWjxly2u4KcjWwPy60UuIwqck0-yv2q2YVcyHapGlcsf3cXghkNy7TTpWmh4zddOQVjofzU1QcZlTiCqZwT2jY5395Hi0vAhPmF4-m0s_IBVFhfZIu4IkTmD_3hyuOoXynxp5tfMA_lB0dnlmsElWjRi_jtgWeBQ0zUVRdBmii9YiaXC9hAd1SioXlDeaw-jiGVoWmX-GFrN2y7AJBpaElBHE40WUb3i1dzOhedneJeRTrLMLiwX8DQjE_6uwI6nAxKO3Csb8fzN9YAnBjOG6vTehdzklnNMZsjgi0buj_bxt9xmr3eKebPBdtMYPkGnhBQb7r_H-Z-tEaDS1zByfzH0iEUdV9MTaGBBtKK3GeksoSfaNDJJ651tMPrZ5VsA0UCOuA1-DZnoKxZZRKnznWOpQklEGz_HY90hu-X2W4NvIi8jh6D5nyniHwP7j0FcQDNBeCPoD7WZTkkx1HLmZPDySxDpZzoCQYS4ejU1y0BK9YbQ5Wm366yr9tgexqTBWqFWi4WW0oVsTnwfGx5OeBxhjDTC5q266B0Tv0hQqmDXx09qcn2m7GP7GlLi7ouK383cwu3yy6pRpuHFbjHUj15KnANeuOnEsvrYZ-wWfre4846Scpg38WdKjUWXCaI1FoK6n9bvzJicVYoMBBMCxR9l5lBjI5QPxG8jqTC0r4brAP2Q2NyiBZ1t-saacERXnbU4l39xFJDvZPiBxQrqFRjauY5QcX_9Q2D2qutanAi_G_L3tZxy96TYJDmxpi4JI5_IQvdpQtQ0ObUS7sMnvPp6cnOS1IV1quU2VCYUTAHcma6V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 409ms
408ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Tue, 26 Apr 2022 09:32:10 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 204 tt
a4p.adpartner.pro/ Frame 8DC4 0
0 905ms
904ms Document
text/plain 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=10&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Tue, 26 Apr 2022 09:32:16 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0aab71cf-ac55-4c2b-92ee-05e529e59a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.3212162122518394

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=10&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4fc49c15-a98c-44e9-9ef6-ac1392e56a3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.6947840756792001

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: adtelligent-d.openx.net
URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2plus2.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0c9cd2fc-b9eb-4677-b488-4b57f410cbc8%2C0aab71cf-ac55-4c2b-92ee-05e529e59a84%2C4fc49c15-a98c-44e9-9ef6-ac1392e56a3c%2Ccb202a04-3569-4169-9567-75331e150449&nocache=1650965526233&pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=2000x1300%7C300x250%7C300x600%7C1440x180&divids=div-gpt-ad-1563887551234-0%2Cad-slot-1%2Cad-slot-2%2Cgpt-12470d54-a869-4446-90ea-5952de213ab5&aucs=%252F82479101%252F2plus2.ua%252FBranding%2523div-gpt-ad-1563887551234-0%2C%252F82479101%252F2plus2.ua%252F2plus2_300x250%2523ad-slot-1%2C%252F82479101%252F2plus2.ua%252F2plus2_300x600_2%2523ad-slot-2%2C%252F82479101%252F2plus2.ua%252Fcatfish%2523gpt-12470d54-a869-4446-90ea-5952de213ab5&auid=541177132%2C541177132%2C541177132%2C541177132

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ghb1.adtelligent.com
URL: https://ghb1.adtelligent.com/v2/auction/

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0aab71cf-ac55-4c2b-92ee-05e529e59a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.007694851890766463

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4fc49c15-a98c-44e9-9ef6-ac1392e56a3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.7563736927245857

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2plus2.ua/	1970-01-20 02:36:12	Name: XSRF-TOKEN Value: eyJpdiI6IlNLM0VHR2lrRTl2Q1liWUNqY2ZObVE9PSIsInZhbHVlIjoiQzhBODhqTmtNbFRmSWViQ3p3OEk4djV4UHhuOVlBSkRvZDZpZkZkbzhNRGJybjZJT0FueElHb2NJQVhycHhEKyIsIm1hYyI6IjI4NTVlNjdmOTZlNTA3YjBlM2U2MzE3YzkwZWRlNmNmYmYzMjA3NDQwYTdjMThmOTAzZWQxMmRkNTlmZTA2MTQifQ%3D%3D
2plus2.ua/	1970-01-20 02:36:12	Name: 2plus2_session Value: eyJpdiI6ImJBRkJERVFjclwvUzRzYVkxZDFjYnB3PT0iLCJ2YWx1ZSI6Ikt1ZHdlRmx5SUt6eHBuYTJcL05OYlMxUWlTcWh4RUhrNXk1NE1xWHRSSDFqRlZVUlhCYVUxcENGMGVWQSt4WHB1IiwibWFjIjoiYjQ5YjVmNjhiNDA2NDU2N2ZhNGQyNzZhNjJkOTRkNjA5ODVjNzBlYWYyYzliYWI2YzhlMmZjYmQ2MjkyNjk2MCJ9
.1plus1.video/	1970-01-20 20:07:17	Name: _opov_sid_ Value: 736d07967vrj6369g8193a9off
2plus2.ua/	1970-01-20 02:36:07	Name: session_id Value: 53cebb5e-8ad2-40b7-93eb-04119e24b261
2plus2.ua/	1970-01-20 02:36:07	Name: session_pageview Value: 1650965525.1
2plus2.ua/	1970-01-20 03:19:17	Name: site_visited Value: 1651051925.1
2plus2.ua/	1970-01-21 06:22:45	Name: lapuid Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
2plus2.ua/	1970-01-20 12:02:00	Name: _pk_id.6.87d8 Value: 05650d03634247ce.1650965526.1.1650965526.1650965526.
2plus2.ua/	1970-01-20 02:36:07	Name: _pk_ses.6.87d8 Value: *
.2plus2.ua/	1970-01-20 12:04:53	Name: __gfp_64b Value: 9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7\|1650965525
a4p.adpartner.pro/	1970-01-20 04:02:29	Name: apuid Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
a4p.adpartner.pro/	1970-01-21 06:22:45	Name: apudmg Value: 1
.2plus2.ua/	1970-01-20 02:37:31	Name: _gid Value: GA1.2.1694986559.1650965526
.2plus2.ua/	1970-01-20 02:36:05	Name: _gat_UA-3838466-26 Value: 1
.2plus2.ua/	1970-01-20 02:36:05	Name: _gat_UA-113262294-1 Value: 1
.2plus2.ua/	1970-01-20 20:07:17	Name: _ga_KRRGZR24WG Value: GS1.1.1650965525.1.0.1650965525.0
.2plus2.ua/	1970-01-20 20:07:17	Name: _ga Value: GA1.1.1097530106.1650965526
1plus1.video/	1970-01-21 04:52:53	Name: _opov_hid_l Value: 5201373b-fd9d-597c-8479-1de057355ea7
www.clarity.ms/	1970-01-20 11:21:41	Name: CLID Value: a3b6f13f04cb45389f183a08db7486c4.20220426.20230426
.2plus2.ua/	1970-01-20 04:45:41	Name: _fbp Value: fb.1.1650965526153.668903437
2plus2.ua/	1970-01-20 03:19:17	Name: _pbjs_userid_consent_data Value: 3524755945110770
.2plus2.ua/	1970-01-20 11:21:41	Name: _pubcid Value: 9f8094a4-5736-442d-bc2e-7aaa4ce2af91
.admixer.net/	1970-01-20 04:45:41	Name: am-uid Value: b763b7135ed2431285cde6d593c24017
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.ads.adnuntius.delivery/	1970-01-20 03:19:17	Name: usi Value: lws1!c5a5c438258e6f883ecd3cfcbade806a
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 481a1488a41f36c7e0c164f375966cd2
.e-planning.net/	1970-01-22 15:55:17	Name: E Value: AOb19V45HEUANZGF
.2plus2.ua/	1970-01-20 11:21:41	Name: _clck Value: zpa4yx\|1\|f0y\|0
.uuidksinc.net/	1970-01-20 11:21:41	Name: jcsuuid Value: 60qPSNzyK9kDLy8PpLe5
.eskimi.com/	1970-01-20 03:19:17	Name: __eConsent Value: 1
.adhigh.net/	1970-01-20 11:21:41	Name: gi_u Value: 5AykLz2UP17.AikABlGAZTa46Q
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_63 Value: bfeed611-ec73-4470-734b-1b0e95fdb0cf
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_64 Value: 0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
.2plus2.ua/	1970-01-20 11:57:41	Name: __gads Value: ID=7a215126f9b6f046-22d5b64883cd00c4:T=1650965526:S=ALNI_MZZQ2gXMJgNKJjFEheJ-_MnI9deuQ
.betweendigital.com/	1970-01-20 11:21:41	Name: dc Value: was1
.betweendigital.com/	1970-01-20 11:21:41	Name: ss Value: 1
.betweendigital.com/	1970-01-20 11:21:41	Name: tuuid Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
.doubleclick.net/	1970-01-20 11:57:41	Name: IDE Value: AHWqTUlsqpduzK0Nk9ZQRXv5szwhRABwZwUGKLCLTyq_B45aJAnPhNxpqCdEsnrD6Ss
.2plus2.ua/	1970-01-20 02:37:31	Name: _clsk Value: 1tr9yiw\|1650965527117\|1\|1\|d.clarity.ms/collect
.adtelligent.com/	1970-01-20 04:05:22	Name: vmuid Value: 1196309b3e816481
.adtelligent.com/	1970-01-20 04:05:22	Name: a307558 Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
.betweendigital.com/	1970-01-20 11:21:41	Name: ut Value: Yme8FwABsZgztLjNdejBnclGPMeuweZmjIQbmQ==
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_47 Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_57 Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
.hit.gemius.pl/	1970-01-20 12:04:53	Name: Gdyn Value: KlSVwMaGQMQGC2TRFvhGpclissGMW1soL6nxmG712QnIwvaiGsRP5eSiGKGGqeBRgGlsle82syRPgSVgRMSG
.doubleclick.net/	1970-01-20 02:36:09	Name: DSID Value: NO_DATA
.acint.net/	1970-01-20 02:36:06	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWJnvBgDqAp3BiUYAmJeOGoscrd2t6ANPpLn+mxn85u8
.acint.net/	1970-01-20 03:19:17	Name: cSyncDp14v3 Value: 1650965528
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWJnvBgmLgA9lDZSAoEMTy3Vf6ttGWiOGuz06RagonG+
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_53 Value: 0100007F18BC6762770AA80302182506
a4p.adpartner.pro/	1970-01-20 11:21:41	Name: buyeruid_55 Value: 0100007F18BC6762770AA80302182506
.criteo.com/	1970-01-20 11:57:41	Name: uid Value: a4838966-fae9-45e7-ab95-eda32c527bd0
.c.bing.com/	1970-01-20 11:57:41	Name: SRM_B Value: 3287A780370E6F730134B61236856E6E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:57:41	Name: MUID Value: 3287A780370E6F730134B61236856E6E
.c.clarity.ms/	1970-01-20 02:36:06	Name: ANONCHK Value: 0
.2plus2.ua/	1970-01-20 11:57:41	Name: cto_bundle Value: mHPXF19kWHpFcE5HbnVNdndtUzdNMHhpeFN2cjlqV093WG11bVRKY1hFNFltbk53R0duOG1mdUxWa1IzYXYlMkJ6RyUyQmdrZGZrM0tUSTZncUtJYUJ1YVU4NUxqVFd2RlNGM0JNODcxYTRibUlFazVSdkZreWNGWm1ZaEI3cXBSOE90OW5na1REM3pmbmFTYU9rcmhWUUhyNUZqd29RJTNEJTNE
.2plus2.ua/	1970-01-20 11:57:41	Name: cto_bidid Value: kHqJiF9MYThGJTJCRjBZczZueHM2RkFldjBYbFJuNHZtU1Uwa2FrMURQZVVlc2J6Vkp4NXZtQXJxOE1teXhWMGNMV3hBUk9JRUw0TDdWMDRtbFpHNG01M3pnWWQ0dzBQcVRrMmZEMGJ3TmRFbFNva0xFJTNE

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0068/3674.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.video
1x1.a-mo.net
2plus2.ua
a4p.adpartner.pro
acint.net
ads.adnuntius.delivery
ads.betweendigital.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
api.1plus1.video
assay.1plus1.ua
bidder.criteo.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.mouseflow.com
connect.facebook.net
d.clarity.ms
dm-eu.hybrid.ai
dsp-trk.eskimi.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
exchange.buzzoola.com
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.cdnkimg.com
ib.adnxs.com
id5-sync.com
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
match.new-programmatic.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.adhigh.net
s.uuidksinc.net
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
ssp-rtb.sape.ru
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
www.acint.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
adtelligent-d.openx.net
fastlane.rubiconproject.com
ghb1.adtelligent.com
hbopenbid.pubmatic.com
ib.adnxs.com
prebid.a-mo.net
136.243.84.74
142.250.186.66
144.76.118.200
146.0.227.109
146.59.30.104
168.119.145.118
178.250.0.157
178.250.0.165
185.184.8.90
193.200.65.5
193.232.150.61
195.137.240.102
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.88
209.205.201.34
217.65.2.150
23.111.9.38
23.227.139.243
2606:4700:3030::6815:5525
2606:4700::6813:9408
2620:1ec:27::cafe:1734
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a00:1450:400e:801::2006
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
3.223.60.98
31.220.27.134
34.120.139.69
37.18.103.21
40.76.174.66
45.133.44.3
45.133.44.36
46.249.52.249
46.4.121.26
51.38.120.206
51.89.42.88
52.142.114.2
54.37.238.28
54.38.197.123
96.46.186.57
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663
04beacc279624ccef5244d9419e8733b4b3e44357844d7bf4a0cb58c795e5f7e
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65
0b016144dd49628a11a5593d42bd4e909e6151a940fb035474dcac20557e1a90
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703
1513d4318a1dd86dc18b04a7c79d4881f71be210132625d7dbff1ebad0ea5b5c
1532bcc72c38d2a840ec42e83b35d53515146a8401f7424bcc666c982cefe93e
1548772caa46793e03847e6238ecb26258270f399d6103f80ad3d14ebf266d03
155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f
17c04cf3cf749a7a7ba318bac9fc00761437f300c6ebbb51c04592f594519c08
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
26b24e45de221324896ebf42fc5982d8387c8672aace4eee6ac923b21fb2cac7
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
2cec75957c7622402fd8427afd02bd2249b749678a35f052774fbee3842795a5
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3125c1ea83824995865371165e5021548dab498db363ada63d5b174d09c990d8
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20
353a5e4a7611107a43e8489d208bbb4866ffa68d95da0928af78a3dd7cf1bf93
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044
38226ef4c4f4558c9b3f34d86b4325786d4d27ab4ac9d95616e628ab0e52521d
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ad75e03b778cdde0407c388fd4606a531c03d8a7115ba26c36ddfaa0b80a2c5
4bb408a78beb4f02b5289339069a7d8ea6353d26834b5e0259509c8f8d8d75f9
4fdb2789e08860f01c985cc2d7d6133bcb5820c437bf76f5a82e88b121479b86
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
52594576579dee9defc0f23f35b99dc85f670032a4eb011486033b4da95841cf
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24
57b96a2c6ebb815ad47defc14076c1edf72ff3dc1b50e04911c0458630d8ccaf
59b6c9f2c6971abbcad2e331ab235df6fd62693258bad4c25d5b5396c6c7cd9f
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
612999f15d4c68749d64849c8fde74ed475f57a9696bb8de13a537af5c7b3527
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3
65433b0e22ec641f96ad08e8d70ceec34168321e0994762914d110ce913718f7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc87dfab52f0ec81f96fc75f58e5d357898701e94fde529c10de11db7625ef7
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
71490518b000d62ca2e2d64cce8707a7fb90776da874eb02eed12e40f3350cc3
73bf56ea6f8351f43256926aca4e9fde6c2b6611d2d0a2e8b502333e9675529f
74629f7d3f6367a7fcec7e541f25fbec57fba2552fa7d41ed7f6b7af9e0849e3
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76554d6b4c1fab49466d2fcbb7b3a5c9186964de360b2cac5be97f307ce4aa18
773ebb63199b0a3f8eb61439688b29b50516a745d17cb9227ba6b6afa36cdca7
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
791e612349aed62a9516d58dd78dd4b6d4ff989934bc99075adb9c10287da2ee
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603
7a5314559b244ee1d149577a0cd38e949afd8c05891ac9ff066c05916ce7699f
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95
7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1
7f5f2e26f64f54c9515ff82a2b3958ac46c438ebb3f53459a5fcb89cd03d49b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bd644fe7df3d8a25c96f0390d85fcbbe612c1a5c9d12165b3bdf6991ec47a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8abec3cbedab47bb75f8d39609d43909430614b0988625729409118f3ba6e6b8
8ce00474eccffb0b1082392a553aebc5279bafc53137b9affe3be3a507e7197c
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
8ff010926c781963aa59329983e6b4a7d4108151db014b34539fdc7e95434b44
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93bbf507c6856f0455811573b7fe0161419e7691d52ccc1759eb89177b184061
972488e1cac62fa8e5f2fbdd3714a2fbdfee7a5f8a817331be2ba3a95e4bb0f4
973d6e263b708df291263bd059652e4716d9ad4bf51da9a87f26c3e4a5d7e4a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7667843315003196c81adfcd081e8b7bcc59babfff2b503e00cf0bf4f9629d
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab57099a74901db82b48617000c501bfcbad9d03dc660be639b3fb124ae374f2
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50
b27bc4768c4299babb24e9953b06abb109dd75b5ee23d8aec2ae96d821363aa7
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b530fdd5766c37515bb33566d4674ae5c5567ed8973d48fd366004c5c212dc70
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870
baaffe9baa5494d0e6b005406165365e99725133e7a1ea1d0292f57dc5be3179
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bf0d8eaae1c5d97a327ea3bb90659b207bf15d403249634b604181fd82ecc427
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30
c0117e5b51a0f56d9da8a8677faa0cef607b306784f3334e9a4e003f3171a076
c1a812779f6809a6d1ae9a59824d3c629ac28da52b79b7c5d2a8494ca73e6313
c47d7a35c17ba5d48070458f909e0da78f86f76ae8a6039a0ebdc4c22318b6eb
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0
c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9fd8cf5de47bf7b6f2160006e2a30f43a2a6437ff93444e6ca9c732f544a6ff
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951
cbcf722da0e822fa4b7af6e0f9f5abd5b5027c8a7ce366fee906eb84a6ec8bfb
cc200db20b472f3fbff4925ed24a4bc198ba443ae2be35db1b15d69bde5a400f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cc38116e095a9f6be2ae98a439d78dae4ce2b3022905e8de4efb68b8276a97
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0
d743cdeee5728b718b26ceffe8d06a4c8ff466355472b8596d087d53faca9476
da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414
dbc5a24f3b39d3bcf13a725f7b352f8ecc7f23672ff9b4832d2dbf4976bf04b2
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e09d7953d3c71ea19fce955fe5303047363350fb29f62d247a4fb2537dbc941d
e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514
e22f124c889c38ab588d30d0c68d32a4c65cb8e0bddaa81ce011e7c53ac411bd
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e36f39713469bd849c4e48f1b99cf3070003cd0613e5cfce4900c082427bf770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc
e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b
e9b0da92167e3cff47f3d8c3747f1a34ce548757dadd75139a8aecd7ebc7a408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
ef7915cf753934066d9f4218ee3eb174d1942572fd93443425e7ac952cba3d34
f01c0bb056018ce4ff8b87be39cfe730a10f4988667a0d3e559c145e493a8f83
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e
f820412f4f7f54413ebc4709e5cf4794d068d45004692771fb7b8823cc117a3c
f8853600f75988f9c7eadff8c841791ed037d018027ab20bf39ff4aa5bafcd97
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

2plus2.ua Open in urlscan Pro 195.137.240.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

88 %HTTPS

43 %IPv6

49 Domains

71 Subdomains

57 IPs

10 Countries

6386 kBTransfer

11051 kBSize

59 Cookies

24 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2plus2.ua Open in urlscan Pro
195.137.240.102 Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

88 %
HTTPS

43 %
IPv6

49
Domains

71
Subdomains

57
IPs

10
Countries

6386 kB
Transfer

11051 kB
Size

59
Cookies

258 HTTP transactions
1 data transactions