Submitted URL: http://2plus2.ua/
Effective URL: https://2plus2.ua/
Submission: On April 26 via api from GB — Scanned from GB

Summary

This website contacted 57 IPs in 10 countries across 49 domains to perform 258 HTTP transactions. The main IP is 195.137.240.102, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 2plus2.ua.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.
This is the only time 2plus2.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 195.137.240.102 29389 (ASN-UNIAN)
54 195.137.240.20 29389 (ASN-UNIAN)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 142.250.186.66 15169 (GOOGLE)
2 195.137.240.12 29389 (ASN-UNIAN)
4 2a00:1450:400... 15169 (GOOGLE)
1 9 54.37.238.28 16276 (OVH)
7 195.137.240.108 29389 (ASN-UNIAN)
7 2a00:1450:400... 15169 (GOOGLE)
4 195.137.240.88 29389 (ASN-UNIAN)
2 21 54.38.197.123 16276 (OVH)
2 45.133.44.3 7018 (ATT-INTER...)
2 146.59.30.104 16276 (OVH)
5 209.205.201.34 55081 (24SHELLS)
8 2a00:1450:400... 15169 (GOOGLE)
1 2 23.111.9.38 33438 (STACKPATH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 40.76.174.66 8075 (MICROSOFT...)
3 8 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 146.0.227.109 29066 (VELIANET-...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 51.38.120.206 16276 (OVH)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2 46.249.52.249 50673 (SERVERIUS-AS)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 31.220.27.134 39572 (ADVANCEDH...)
1 136.243.84.74 24940 (HETZNER-AS)
1 34.120.139.69 396982 (GOOGLE-CL...)
1 2 193.232.150.61 48061 (UMA-TECH-AS)
1 37.18.103.21 205675 (HYBRID-AS)
1 217.65.2.150 3175 (CITYTELEC...)
6 6 46.4.121.26 24940 (HETZNER-AS)
2 2 168.119.145.118 24940 (HETZNER-AS)
4 4 96.46.186.57 7979 (SERVERS-COM)
2 2 144.76.118.200 24940 (HETZNER-AS)
1 45.133.44.36 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.227.139.243 55081 (24SHELLS)
1 3.223.60.98 14618 (AMAZON-AES)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 51.89.42.88 16276 (OVH)
258 57
Apex Domain
Subdomains
Transfer
65 1plus1.video
images.1plus1.video — Cisco Umbrella Rank: 430498
api.1plus1.video — Cisco Umbrella Rank: 245932
1plus1.video — Cisco Umbrella Rank: 203054
4 MB
31 googlesyndication.com
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
pagead2.googlesyndication.com — Cisco Umbrella Rank: 96
247 KB
21 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6240
32 KB
13 2plus2.ua
2plus2.ua
142 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
208 KB
11 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 52625
ls.hit.gemius.pl — Cisco Umbrella Rank: 13716
48 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 384
222 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 64
2 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
382 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 746
gum.criteo.com — Cisco Umbrella Rank: 381
mug.criteo.com — Cisco Umbrella Rank: 3086
8 KB
8 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 4493
ghb.adtelligent.com — Cisco Umbrella Rank: 4856
ghb1.adtelligent.com Failed
sync.adtelligent.com — Cisco Umbrella Rank: 3368
35 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1220
d.clarity.ms — Cisco Umbrella Rank: 1920
c.clarity.ms — Cisco Umbrella Rank: 626
25 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
59 KB
6 acint.net
www.acint.net — Cisco Umbrella Rank: 36864
acint.net — Cisco Umbrella Rank: 27345
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
imasdk.googleapis.com — Cisco Umbrella Rank: 411
334 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1831
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
208 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 628
59 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20704
380 B
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 37854
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11544
730 B
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 5531
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2408
962 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6544
adservice.google.de — Cisco Umbrella Rank: 9242
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
315 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137
114 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 6120
17 KB
2 1plus1.ua
assay.1plus1.ua
23 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 22438
112 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 639
527 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 209
555 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 252
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
37 KB
1 cdnkimg.com
i.cdnkimg.com — Cisco Umbrella Rank: 9577
96 KB
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 41604
110 B
1 hybrid.ai
dm-eu.hybrid.ai — Cisco Umbrella Rank: 25429
239 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 40002
256 B
1 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 62718
110 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3122
242 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 6868
351 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6092
171 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 778
356 B
1 adnuntius.delivery
ads.adnuntius.delivery — Cisco Umbrella Rank: 87692
2 KB
1 a-mo.net
prebid.a-mo.net Failed
1x1.a-mo.net — Cisco Umbrella Rank: 3612
89 B
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1712
0 adnxs.com Failed
ib.adnxs.com Failed
0 pubmatic.com Failed
hbopenbid.pubmatic.com Failed
0 openx.net Failed
adtelligent-d.openx.net Failed
0 rubiconproject.com Failed
fastlane.rubiconproject.com Failed
258 49
Domain Requested by
54 images.1plus1.video 2plus2.ua
1plus1.video
21 tpc.googlesyndication.com 2plus2.ua
tpc.googlesyndication.com
securepubads.g.doubleclick.net
21 a4p.adpartner.pro 2 redirects 2plus2.ua
a4p.adpartner.pro
player.adtcdn.com
13 2plus2.ua 1 redirects 2plus2.ua
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 gaua.hit.gemius.pl 1 redirects 2plus2.ua
gaua.hit.gemius.pl
api.1plus1.video
1plus1.video
8 pagead2.googlesyndication.com srcdoc
tpc.googlesyndication.com
www.googletagservices.com
2plus2.ua
securepubads.g.doubleclick.net
8 www.google.com 3 redirects api.1plus1.video
2plus2.ua
tpc.googlesyndication.com
7 www.google-analytics.com www.googletagmanager.com
a4p.adpartner.pro
www.google-analytics.com
2plus2.ua
7 fonts.gstatic.com fonts.googleapis.com
7 api.1plus1.video 2plus2.ua
1plus1.video
api.1plus1.video
client
imasdk.googleapis.com
7 securepubads.g.doubleclick.net 2plus2.ua
securepubads.g.doubleclick.net
5 ghb.adtelligent.com player.adtelligent.com
player.adtcdn.com
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads.g.doubleclick.net 2plus2.ua
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
4 ads.betweendigital.com 4 redirects
4 www.acint.net 4 redirects
4 d.clarity.ms www.clarity.ms
d.clarity.ms
4 1plus1.video 2plus2.ua
1plus1.video
4 www.googletagmanager.com 2plus2.ua
1plus1.video
www.googletagmanager.com
4 fonts.googleapis.com 2plus2.ua
api.1plus1.video
securepubads.g.doubleclick.net
3 mug.criteo.com
2 c.clarity.ms 1 redirects
2 imasdk.googleapis.com 1plus1.video
imasdk.googleapis.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 exchange.buzzoola.com 2 redirects
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 px.adhigh.net 1 redirects 2plus2.ua
2 pbjs.e-planning.net 1 redirects 2plus2.ua
2 inv-nets.admixer.net player.adtcdn.com
2plus2.ua
2 www.facebook.com 2plus2.ua
2 connect.facebook.net 2plus2.ua
connect.facebook.net
2 cdn.mouseflow.com 1 redirects 2plus2.ua
2 ls.hit.gemius.pl gaua.hit.gemius.pl
2 player.adtelligent.com player.adtcdn.com
2 assay.1plus1.ua 2plus2.ua
2 player.adtcdn.com 2plus2.ua
1 id5-sync.com player.adtcdn.com
1 c.bing.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 www.googletagservices.com 2plus2.ua
1 encrypted-tbn0.gstatic.com 2plus2.ua
1 encrypted-tbn1.gstatic.com 2plus2.ua
1 adservice.google.de securepubads.g.doubleclick.net
1 1x1.a-mo.net 2plus2.ua
1 sync.adtelligent.com 2plus2.ua
1 www.gstatic.com www.google.com
1 i.cdnkimg.com 2plus2.ua
1 match.new-programmatic.com 2plus2.ua
1 dm-eu.hybrid.ai 2plus2.ua
1 dsp-trk.eskimi.com 2plus2.ua
1 go.rcvlink.com 2plus2.ua
1 s.uuidksinc.net 2plus2.ua
1 t.trafmag.com 2plus2.ua
1 prebid-eu.creativecdn.com player.adtcdn.com
1 onetag-sys.com player.adtcdn.com
1 bidder.criteo.com player.adtcdn.com
1 ads.adnuntius.delivery player.adtcdn.com
1 www.google.de 2plus2.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 www.clarity.ms 2plus2.ua
1 script.crazyegg.com www.googletagmanager.com
0 ib.adnxs.com Failed player.adtcdn.com
0 ghb1.adtelligent.com Failed player.adtcdn.com
0 hbopenbid.pubmatic.com Failed player.adtcdn.com
0 adtelligent-d.openx.net Failed player.adtcdn.com
0 prebid.a-mo.net Failed player.adtcdn.com
0 fastlane.rubiconproject.com Failed player.adtcdn.com
258 71
Subject Issuer Validity Valid
2plus2.ua
R3
2022-03-21 -
2022-06-19
3 months crt.sh
*.1plus1.video
Go Daddy Secure Certificate Authority - G2
2021-10-22 -
2022-08-14
10 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-17 -
2022-07-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
assay.1plus1.ua
R3
2022-03-10 -
2022-06-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2021-09-08 -
2022-09-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
adpartner.pro
R3
2022-03-31 -
2022-06-29
3 months crt.sh
player.adtelligent.com
R3
2022-03-21 -
2022-06-19
3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-04-07 -
2022-07-06
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-02-01 -
2022-05-02
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01
2021-07-27 -
2022-07-27
a year crt.sh
www.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
www.google.de
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA
2021-11-16 -
2022-12-17
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-07
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2021-06-10 -
2022-06-22
a year crt.sh
uuidksinc.net
R3
2022-03-21 -
2022-06-19
3 months crt.sh
*.rcvlink.com
Thawte RSA CA 2018
2021-10-01 -
2022-10-01
a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2022-04-14 -
2023-05-15
a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA
2020-07-07 -
2022-10-05
2 years crt.sh
new-programmatic.com
R3
2022-04-20 -
2022-07-19
3 months crt.sh
i.cdnkimg.com
R3
2022-04-02 -
2022-07-01
3 months crt.sh
*.a-mo.net
Amazon
2021-08-10 -
2022-09-08
a year crt.sh
*.google.de
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-13
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.id5-sync.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh

This page contains 25 frames:

Primary Page: https://2plus2.ua/
Frame ID: D0161131B53681E3F1C04E5F90DA3755
Requests: 137 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Frame ID: 997D1DB0FABF00F373B58C72A5E396EE
Requests: 44 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: C7CB6E6547D8913AECFA81118D04F92E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Frame ID: 1E9D1F5D698DCB0A25DAE0B20E0FCB93
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: DCB08856FB9E1B32F5A91967D57F1A8A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25220bd1f457-d36b-4630-87bc-e02d7106f2e1%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Frame ID: C08A97C10636F40C3658B195A53C4BE9
Requests: 1 HTTP requests in this frame

Frame: https://i.cdnkimg.com/image/banner/2537/537/625044d428d11t1649427668r812.jpg
Frame ID: C08737FA88601D2E3D81A0E167C529CC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: 858B4E57C1B671A079C8649CFA1C6648
Requests: 1 HTTP requests in this frame

Frame: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E95203C85E52ED118C108254DC20A96A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F5B55A579ED8070B711E5DCFDBDBB2FC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: B45C896D8D10CA32F0B256F93F189921
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 18EDE00325DF3288E8941BDF1E311F77
Requests: 18 HTTP requests in this frame

Frame: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE12E7A4F86EE39CFC46674C0FDBBC93
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C369F964DA74F655FD93D23885994E7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Frame ID: DFCB30085832F04804116D65CAE5B3F6
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvcT7FrxnYsLmIIfO3gOFnpnIBczb0-hpwpivrKoOrgIQASD9_4UjYJWikoKgB6AB0Maj4QPIAQmpAqjT39Urs3s-4AIAqAMByANIqgSYAk_Q6TPPNZHkWVlv-3bzjvxEKj4tt5nEECmyALw6GAiXT0tLPbsBBtpYLT8se8QUYXcdwWOo_1J04VaBjMMoNzObmnAWX_tQsQY0g5JfS2wvyw-LEgzP4FOMNNHKtFj7RGL7gZIICWv0KkusEY7uXCvDCLa5XjkNAbvVv5k6x-GBiavGHktZJNBQ0oZcUmPgwPDyELE3zpQeYOekLFlHfzhKtoav7Dd7nNQ1Grkh8xavSuo8krsOK-RAzpKYZOqqxBHkznpG-I0mVXwAb1WTcG7g5XF7AH4mFEtMuejsP_ZF4C6brOsL-RZ7KybOkZ7DYMCdcvxbSLb3AV-mnYwDcOgM3mPpEYNB6Xz6mnmbayL9CLNARR6n51TABN-X4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYugAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQkvaUAdIICQiI4YAQEAEYHYAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=a8EO7sPIsNI&uach_m=[UACH]&template_id=419
Frame ID: 2DD56ADEBF950F411845DFCB5CD5FC8D
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Frame ID: CBFC106760D9072A1394E9410AA72C2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 03F6C552F83C8D5099ED18D9AAFA84F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 161D69F0A7071B5523FCADFB61D272D6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: 0472D0E62FD16B7E5CC04D23133DF6AB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Frame ID: ECF1CC9C7378ABD6EBA4BE6FB5A9025F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Frame ID: DBE35919948A3CAD0F52FDB5AA342C9D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5FC9D6FAE33D9DA9E4158927DCA4D7FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E92A4B84DCA4564A3C54CF2E8920DA3A
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: 8DC4479844F6E98C4DAC65A2897456A7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

2+2 - Офіційний сайт каналу онлайнKyivstar

Page URL History Show full URLs

  1. http://2plus2.ua/ HTTP 301
    https://2plus2.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

258
Requests

88 %
HTTPS

43 %
IPv6

49
Domains

71
Subdomains

57
IPs

10
Countries

6386 kB
Transfer

11051 kB
Size

59
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2plus2.ua/ HTTP 301
    https://2plus2.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js HTTP 301
  • https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Request Chain 90
  • https://gaua.hit.gemius.pl/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=
Request Chain 118
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91
Request Chain 124
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 127
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F18BC67624000572602A347B5&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
Request Chain 128
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F18BC67623D002E2602523694&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
Request Chain 129
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Request Chain 130
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Request Chain 131
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
Request Chain 132
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
Request Chain 133
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Request Chain 137
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Request Chain 215
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 216
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 241
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&RedC=c.clarity.ms&MXFR=09785F38D0386A0837E04EAAD4386415 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
Request Chain 247
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2
Request Chain 252
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2

258 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
2plus2.ua/
Redirect Chain
  • http://2plus2.ua/
  • https://2plus2.ua/
127 KB
31 KB
Document
General
Full URL
https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
bf0d8eaae1c5d97a327ea3bb90659b207bf15d403249634b604181fd82ecc427

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Apr 2022 09:32:04 GMT
Keep-Alive
timeout=15
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 26 Apr 2022 09:32:03 GMT
Keep-Alive
timeout=15
Location
https://2plus2.ua/
Server
nginx
app.css
2plus2.ua/css/
163 KB
34 KB
Stylesheet
General
Full URL
https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2022 12:23:46 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
codes-initialization.js
2plus2.ua/js/
2 KB
1 KB
Script
General
Full URL
https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Oct 2021 08:57:18 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
logo.svg
2plus2.ua/img/icons/
574 B
883 B
Image
General
Full URL
https://2plus2.ua/img/icons/logo.svg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Last-Modified
Wed, 19 Sep 2018 09:53:34 GMT
Server
nginx
Content-Type
image/svg+xml
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
574
Expires
Tue, 10 May 2022 09:32:04 GMT
e2861f1619973d76f56ed0df427c3c2d.jpg
images.1plus1.video/other-1/
92 KB
93 KB
Image
General
Full URL
https://images.1plus1.video/other-1/e2861f1619973d76f56ed0df427c3c2d.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 14 Mar 2022 09:09:43 GMT
server
nginx
etag
"e2861f1619973d76f56ed0df427c3c2d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
94507
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
98c2160bfdac3da90abbe0f808ea0a72.jpg
images.1plus1.video/other-1/
144 KB
145 KB
Image
General
Full URL
https://images.1plus1.video/other-1/98c2160bfdac3da90abbe0f808ea0a72.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 21 Mar 2022 10:55:48 GMT
server
nginx
etag
"98c2160bfdac3da90abbe0f808ea0a72"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
147595
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
images.1plus1.video/other-1/
149 KB
150 KB
Image
General
Full URL
https://images.1plus1.video/other-1/ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Thu, 10 Mar 2022 13:29:18 GMT
server
nginx
etag
"ceb56f0f3f537ac55cc52a60f7f0e7e7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
152959
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
2248efa20ef583a3c94154fe1b7f7e44.jpg
images.1plus1.video/other-1/
100 KB
100 KB
Image
General
Full URL
https://images.1plus1.video/other-1/2248efa20ef583a3c94154fe1b7f7e44.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 14 Mar 2022 09:07:27 GMT
server
nginx
etag
"2248efa20ef583a3c94154fe1b7f7e44"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
101989
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
09a2b84853a3d266541bc71bb29ffbf5.jpg
images.1plus1.video/other-1/
41 KB
42 KB
Image
General
Full URL
https://images.1plus1.video/other-1/09a2b84853a3d266541bc71bb29ffbf5.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
9d7667843315003196c81adfcd081e8b7bcc59babfff2b503e00cf0bf4f9629d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 16:40:22 GMT
server
nginx
etag
"4d2e052b4015056c118eab4c3a785482"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
42264
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
6de8cd46fafe694d82523077b82fb064.jpg
images.1plus1.video/other-1/
22 KB
22 KB
Image
General
Full URL
https://images.1plus1.video/other-1/6de8cd46fafe694d82523077b82fb064.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 13 Apr 2022 17:04:07 GMT
server
nginx
etag
"d4e63aed867ec770d35150e553ced06c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
22460
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
d60a60f745b324b51d9c38bf3c6188d1.315x280.jpg
images.1plus1.video/news-1/42957/
24 KB
25 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42957/d60a60f745b324b51d9c38bf3c6188d1.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f8853600f75988f9c7eadff8c841791ed037d018027ab20bf39ff4aa5bafcd97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 26 Apr 2022 09:09:20 GMT
server
nginx
etag
"843d86f76a4fa9da451f882354e9c9cb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
25035
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
96b750ed95525f6af6216423c6d8a03e.315x280.jpg
images.1plus1.video/news-1/42945/
16 KB
17 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42945/96b750ed95525f6af6216423c6d8a03e.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
8abec3cbedab47bb75f8d39609d43909430614b0988625729409118f3ba6e6b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 26 Apr 2022 09:04:15 GMT
server
nginx
etag
"f833c5c0acffcbdfb2993db7a7148e47"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
16709
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
c27c5490017f5090cabbd07ee53a0a95.315x280.jpg
images.1plus1.video/news-1/42942/
38 KB
38 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42942/c27c5490017f5090cabbd07ee53a0a95.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
93bbf507c6856f0455811573b7fe0161419e7691d52ccc1759eb89177b184061

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 16:23:11 GMT
server
nginx
etag
"97e129852c72a5a1133bc5e3e68d6c53"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
38502
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
f4946a9acf3296d718bf3ea346654549.315x280.jpg
images.1plus1.video/news-1/42954/
44 KB
45 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42954/f4946a9acf3296d718bf3ea346654549.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
52594576579dee9defc0f23f35b99dc85f670032a4eb011486033b4da95841cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 26 Apr 2022 07:56:28 GMT
server
nginx
etag
"5ea21798986d701e765f32452124e344"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
45433
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
293ab1f00ed12303e29f3ae18076246c.315x280.jpg
images.1plus1.video/news-1/42930/
43 KB
43 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42930/293ab1f00ed12303e29f3ae18076246c.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
c1a812779f6809a6d1ae9a59824d3c629ac28da52b79b7c5d2a8494ca73e6313

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 15:05:09 GMT
server
nginx
etag
"7ad71d40d2cf2bea069764fbb9fac664"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
44036
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
ed62e7e17c4c9996f5379b0e59891cb0.315x280.jpg
images.1plus1.video/news-1/42948/
23 KB
23 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42948/ed62e7e17c4c9996f5379b0e59891cb0.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ef7915cf753934066d9f4218ee3eb174d1942572fd93443425e7ac952cba3d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 21:19:40 GMT
server
nginx
etag
"b8445988cdf4e5ab866ff77ea0ae35c7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
23761
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
88582ed6831bf6fd6f6ba9863f786dee.315x280.jpg
images.1plus1.video/news-1/42939/
36 KB
37 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42939/88582ed6831bf6fd6f6ba9863f786dee.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
57b96a2c6ebb815ad47defc14076c1edf72ff3dc1b50e04911c0458630d8ccaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 16:37:20 GMT
server
nginx
etag
"2e6b9ba389175244fe8edf051870ed99"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
37118
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
52cc397b6db761676b665b7b6461e3f1.315x280.jpg
images.1plus1.video/news-1/42933/
17 KB
17 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42933/52cc397b6db761676b665b7b6461e3f1.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e36f39713469bd849c4e48f1b99cf3070003cd0613e5cfce4900c082427bf770

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 15:21:22 GMT
server
nginx
etag
"29569126fbb2414ee7a41cc0ec8a5597"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
17505
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
a4d08bd4994e14c9955313db91f9a5d4.jpg
images.1plus1.video/other-1/
134 KB
135 KB
Image
General
Full URL
https://images.1plus1.video/other-1/a4d08bd4994e14c9955313db91f9a5d4.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Thu, 14 Apr 2022 11:33:41 GMT
server
nginx
etag
"847844816f7853a633ce073538d91224"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
137706
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
248fb5ca74d280ee0a3a0d1167d6de42.315x280.jpg
images.1plus1.video/news-1/42927/
22 KB
22 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42927/248fb5ca74d280ee0a3a0d1167d6de42.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
791e612349aed62a9516d58dd78dd4b6d4ff989934bc99075adb9c10287da2ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 14:22:03 GMT
server
nginx
etag
"e665b4016c34423929dc4ab483ce48fa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
22154
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
7e9f07a24d1d60112d66352a88c511b1.315x280.jpg
images.1plus1.video/news-1/42924/
32 KB
33 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42924/7e9f07a24d1d60112d66352a88c511b1.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
1532bcc72c38d2a840ec42e83b35d53515146a8401f7424bcc666c982cefe93e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 13:41:24 GMT
server
nginx
etag
"5f8754920894098525eef0cd3a55a6b1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
33262
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
2c39a19ea49fb9158dce1ba1e011b854.315x280.jpg
images.1plus1.video/news-1/42918/
28 KB
29 KB
Image
General
Full URL
https://images.1plus1.video/news-1/42918/2c39a19ea49fb9158dce1ba1e011b854.315x280.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f01c0bb056018ce4ff8b87be39cfe730a10f4988667a0d3e559c145e493a8f83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 25 Apr 2022 12:17:21 GMT
server
nginx
etag
"29740a91af3c1d003cf069927be8dbdd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
29017
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
images.1plus1.video/card-5/GRsFFLJ2/
18 KB
18 KB
Image
General
Full URL
https://images.1plus1.video/card-5/GRsFFLJ2/3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 22 Feb 2022 17:53:08 GMT
server
nginx
etag
"1fff169ec8591ae472ce69439a5f36a9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
18118
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
images.1plus1.video/card-5/ktBGOYx2/
21 KB
21 KB
Image
General
Full URL
https://images.1plus1.video/card-5/ktBGOYx2/9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Fri, 18 Feb 2022 17:38:19 GMT
server
nginx
etag
"e087103a4d5306b33b4a26ca74f46a95"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
21081
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
f90d7f24621086ba471318342646e06b.285x285.jpg
images.1plus1.video/card-5/DagrnyGt/
27 KB
27 KB
Image
General
Full URL
https://images.1plus1.video/card-5/DagrnyGt/f90d7f24621086ba471318342646e06b.285x285.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Fri, 18 Feb 2022 17:27:39 GMT
server
nginx
etag
"ca4ef5c2e2792b2dfb7e7787c80e99f6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
27722
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
images.1plus1.video/card-5/nRAVUWV2/
30 KB
31 KB
Image
General
Full URL
https://images.1plus1.video/card-5/nRAVUWV2/8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 16 Feb 2022 16:37:24 GMT
server
nginx
etag
"da80bf2f888498741dc109276ffe8f47"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
31038
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
images.1plus1.video/card-5/9CmkgJyR/
25 KB
25 KB
Image
General
Full URL
https://images.1plus1.video/card-5/9CmkgJyR/68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 16 Feb 2022 16:24:36 GMT
server
nginx
etag
"5bfc6a30c49959728c337dce58dda0a3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
25395
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
images.1plus1.video/playlist-1/140731/
98 KB
98 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/140731/cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 18 Jan 2022 14:42:46 GMT
server
nginx
etag
"8bbc0a9d2074e0f2861716372d19b7a8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
100315
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
8789930c322a5a2de04ad202edee81be.490x300.jpg
images.1plus1.video/playlist-1/145042/
72 KB
72 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/145042/8789930c322a5a2de04ad202edee81be.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 18 Jan 2022 14:41:33 GMT
server
nginx
etag
"6fe6cd0165380ba7809f27a4e2029504"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
73347
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
5dc777c6a08b8536906fff608805f4ad.490x300.jpg
images.1plus1.video/playlist-1/70286/
100 KB
100 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/70286/5dc777c6a08b8536906fff608805f4ad.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 16 Jun 2021 15:26:13 GMT
server
nginx
etag
"61a7a9a574200a699aba40246cff75f8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
101953
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
73f64084c4b6012843a0ad4a723ab950.490x300.jpg
images.1plus1.video/playlist-1/93757/
84 KB
84 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/93757/73f64084c4b6012843a0ad4a723ab950.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 22 Jun 2021 07:50:02 GMT
server
nginx
etag
"3fcbb749663669f24ae1bf6426c6776a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
85576
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
images.1plus1.video/playlist-1/4844/
97 KB
97 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 18 Jan 2022 14:44:06 GMT
server
nginx
etag
"a8a6b117d153ff197675175afd73848d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
99044
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
images.1plus1.video/playlist-1/5252/
161 KB
161 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/5252/512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Fri, 18 Jun 2021 07:37:16 GMT
server
nginx
etag
"f3aeeec15e404524760bdf792fd61b50"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
164699
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/
59 KB
60 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Thu, 20 Jan 2022 12:33:22 GMT
server
nginx
etag
"8bae3cce1b9ac9a8d0dc652c45b532de"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
60741
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/
32 KB
32 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 19 Jan 2022 15:44:36 GMT
server
nginx
etag
"051dae29b6412985e0d02f1883f31c84"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
32599
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
images.1plus1.video/playlist-1/4844/
68 KB
68 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Tue, 18 Jan 2022 14:44:06 GMT
server
nginx
etag
"af334573b8e9890738512cd9a210350e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
69740
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
5ee354d25b6e1328f52453b530bd859f.220x330.jpg
images.1plus1.video/playlist-1/46546/
18 KB
19 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/46546/5ee354d25b6e1328f52453b530bd859f.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 23 Feb 2022 11:06:28 GMT
server
nginx
etag
"7037a4d516fbc5445a7d1a251f1a5c6f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
18756
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/
86 KB
87 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 19 Jan 2022 15:43:20 GMT
server
nginx
etag
"90f688b5780469424dc2f50e497a080f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
88537
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
footer-email.png
2plus2.ua/img/
774 B
1 KB
Image
General
Full URL
https://2plus2.ua/img/footer-email.png
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Last-Modified
Tue, 29 Jan 2019 14:06:43 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
774
Expires
Tue, 10 May 2022 09:32:04 GMT
ads.js
2plus2.ua/js/
19 B
351 B
Script
General
Full URL
https://2plus2.ua/js/ads.js?id=fb4f4a7ed8a8020a4ad9
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Last-Modified
Tue, 29 Jan 2019 14:06:43 GMT
Server
nginx
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19
Expires
Tue, 10 May 2022 09:32:04 GMT
jquery-3.2.1.min.js
2plus2.ua/js/vendor/
85 KB
35 KB
Script
General
Full URL
https://2plus2.ua/js/vendor/jquery-3.2.1.min.js?id=c9f5aeeca3ad37bf2aa0
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 12:17:34 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
owl.carousel.min.js
2plus2.ua/js/vendor/
42 KB
13 KB
Script
General
Full URL
https://2plus2.ua/js/vendor/owl.carousel.min.js?id=b7b9c97cd68ec336d01a
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 12:17:34 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
jquery.mousewheel.min.js
2plus2.ua/js/vendor/
3 KB
2 KB
Script
General
Full URL
https://2plus2.ua/js/vendor/jquery.mousewheel.min.js?id=d5843dbdc71ff8014a5e
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 12:17:34 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
jquery.mCustomScrollbar.concat.min.js
2plus2.ua/js/vendor/
44 KB
15 KB
Script
General
Full URL
https://2plus2.ua/js/vendor/jquery.mCustomScrollbar.concat.min.js?id=42a368e95b4a38989c89
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 12:17:34 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
app.js
2plus2.ua/js/
20 KB
8 KB
Script
General
Full URL
https://2plus2.ua/js/app.js?id=8e88380a7f509a69a305
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2022 12:23:46 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1209600
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 10 May 2022 09:32:04 GMT
css2
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:20:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 09:32:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 09:32:04 GMT
hb_298309_11708.js
player.adtcdn.com/prebidlink/458601/
374 KB
111 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 26 Apr 2022 08:58:07 GMT
server
cloudflare
etag
W/"6267b41f-5d9c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si0X8OkbFcNoEd%2BEUSMTgpdvVxqhpBqUcNNAeOR1YOhsuH%2BCvNhTUNyYIOVVTsKMU5t27k4kEDV6Pc1wkpJevPwgmM3St8rpAFv1WtAqNZArq2L2DX59e%2FXl5DWZ7r5gGlkcAywKO%2F80DljrNT7oZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
701e4f23afd28e1e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 26 Apr 2022 09:47:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
84 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
76554d6b4c1fab49466d2fcbb7b3a5c9186964de360b2cac5be97f307ce4aa18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28657
x-xss-protection
0
server
sffe
etag
"1197 / 660 of 1000 / last-modified: 1650962599"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Apr 2022 09:32:05 GMT
wrapper_hb_298309_11708.js
player.adtcdn.com/prebidlink/458601/
787 B
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/458601/wrapper_hb_298309_11708.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
656
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 08:58:07 GMT
server
cloudflare
etag
W/"6267b41f-313"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eMQim9a4pMUVlxSL8kDoZXwJ1y9tnxUE7c50HVQLuCOiUcdL6nl%2Fui1GWny9XN6I8uXwDz1XV68PKL%2FYNqh4ddPP%2B3jKAKVmu9CU%2BuVrZwH8XKz55hSTPQz4f9yAF1o7bGWncFE%2B%2F267%2Fzl5%2BXqOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
701e4f23afd48e1e-LHR
expires
Tue, 26 Apr 2022 09:36:09 GMT
piwik.js
assay.1plus1.ua/
57 KB
23 KB
Script
General
Full URL
https://assay.1plus1.ua/piwik.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
assay.1plus1.ua
Software
nginx /
Resource Hash
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 03 Jul 2017 15:36:13 GMT
server
nginx
etag
W/"595a646d-e3b1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
171 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1cc38116e095a9f6be2ae98a439d78dae4ce2b3022905e8de4efb68b8276a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61065
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 09:32:05 GMT
xgemius.js
gaua.hit.gemius.pl/
43 KB
12 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js?id=6995a6db18672037bb0c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 06:09:03 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
11715
expires
Tue, 26 Apr 2022 21:32:05 GMT
api.gpt.js
api.1plus1.video/static/js/
12 KB
5 KB
Script
General
Full URL
https://api.1plus1.video/static/js/api.gpt.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jul 2021 13:10:52 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:31:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2plus2.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
557067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:47:37 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2plus2.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options
nosniff
age
557217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:45:07 GMT
12XPPTDu
1plus1.video/video/embed/ Frame 997D
10 KB
5 KB
Document
General
Full URL
https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
d743cdeee5728b718b26ceffe8d06a4c8ff466355472b8596d087d53faca9476

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Apr 2022 09:32:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=15
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
vunit
a4p.adpartner.pro/
12 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
pattern.jpg
2plus2.ua/img/
1 KB
2 KB
Image
General
Full URL
https://2plus2.ua/img/pattern.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.102 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/css/app.css?id=0d35840da3ccf68354bf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Last-Modified
Wed, 10 Oct 2018 15:20:08 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1355
Expires
Tue, 10 May 2022 09:32:05 GMT
c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/
512 KB
512 KB
Image
General
Full URL
https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Wed, 23 Feb 2022 17:22:14 GMT
server
nginx
etag
"8cdf6bac6c3c122e283456481462d852"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
523866
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:05 GMT
expires
Tue, 03 May 2022 09:32:05 GMT
hbw_master_298309_11708.js
player.adtelligent.com/prebidlink/458601/
138 KB
30 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/wrapper_hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
7a5314559b244ee1d149577a0cd38e949afd8c05891ac9ff066c05916ce7699f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 08:58:07 GMT
server
nginx
etag
W/"6267b41f-227a1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 09:32:05 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl_2022042101.js
securepubads.g.doubleclick.net/gpt/
362 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126124
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 08:41:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Apr 2023 09:09:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
87 B
108 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2plus2.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
expires
Tue, 26 Apr 2022 09:32:05 GMT
ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 997D
171 KB
26 KB
Stylesheet
General
Full URL
https://1plus1.video/static/player/css/ovva.0.3.0.css?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Nov 2021 13:05:56 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:31:09 GMT
ovva.0.3.0.js
1plus1.video/static/player/js/ Frame 997D
198 KB
69 KB
Script
General
Full URL
https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 10:03:07 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:31:10 GMT
js
www.googletagmanager.com/gtag/ Frame 997D
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-104502981-1
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17c04cf3cf749a7a7ba318bac9fc00761437f300c6ebbb51c04592f594519c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38770
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 09:32:05 GMT
vunit.min.js
a4p.adpartner.pro/apstc/
48 KB
12 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-c158"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame C7CB
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Tue, 26 Apr 2022 09:32:05 GMT
server
nginx
ls
a4p.adpartner.pro/vunit/ Frame 1E9D
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
baaffe9baa5494d0e6b005406165365e99725133e7a1ea1d0292f57dc5be3179

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 26 Apr 2022 09:32:05 GMT
server
nginx
fpdata.js
gaua.hit.gemius.pl/
278 B
392 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=2plus2.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
e09d7953d3c71ea19fce955fe5303047363350fb29f62d247a4fb2537dbc941d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
278
expires
Thu, 26 May 2022 09:32:05 GMT
lsget.html
ls.hit.gemius.pl/ Frame DCB0
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
c47d7a35c17ba5d48070458f909e0da78f86f76ae8a6039a0ebdc4c22318b6eb

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:05 GMT
etag
PRIVATE7520710249
expires
Thu, 26 May 2022 09:32:05 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
config.json
player.adtelligent.com/exchange_rates/298308/
4 KB
2 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F2plus2.ua%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
71490518b000d62ca2e2d64cce8707a7fb90776da874eb02eed12e40f3350cc3

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
last-modified
Sun, 24 Apr 2022 00:03:03 GMT
server
nginx
etag
W/"626493b7-114e"
content-type
application/json
access-control-allow-origin
https://2plus2.ua
expires
Thu, 28 Apr 2022 09:32:05 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/
119 B
361 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
65433b0e22ec641f96ad08e8d70ceec34168321e0994762914d110ce913718f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://2plus2.ua
Date
Tue, 26 Apr 2022 09:32:05 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
119
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/
43 B
403 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=11708&full_page_url=https%3A%2F%2F2plus2.ua%2F&adid=fy8we4.1d&features=16416&vpbv=N058&lifecycle_tte=1955
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://2plus2.ua
Date
Tue, 26 Apr 2022 09:32:05 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
js
www.googletagmanager.com/gtag/
180 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38226ef4c4f4558c9b3f34d86b4325786d4d27ab4ac9d95616e628ab0e52521d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67811
x-xss-protection
0
expires
Tue, 26 Apr 2022 09:32:05 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4494
date
Tue, 26 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 26 Apr 2022 10:17:11 GMT
960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js
  • https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
53 KB
17 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
23.111.9.38 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 09:09:45 GMT
server
NetDNA-cache/2.2
etag
W/"65602a38164fd81:0"
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400

Redirect headers

location
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
date
Tue, 26 Apr 2022 09:32:05 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
content-length
178
content-type
text/html
3674.js
script.crazyegg.com/pages/scripts/0068/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0068/3674.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 13:36:34 GMT
server
cloudflare
age
71731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
701e4f278bd7752d-LHR
content-length
0
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
HF5mDPz30ZuxM0O+lSMiY13mD05dzBKCdG1GCHl9RDXhVn7R/zjxSwNJM8T5PzpXNroQZfFgUDla/W1dFaPCHQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 26 Apr 2022 09:32:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
al26fychxj
www.clarity.ms/tag/
1 KB
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/al26fychxj
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e22f124c889c38ab588d30d0c68d32a4c65cb8e0bddaa81ce011e7c53ac411bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
x-powered-by
ASP.NET
x-azure-ref
0FbxnYgAAAAAZB7qe8yu+QK34taw+hkInQVRIMDFFREdFMDQyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
piwik.php
assay.1plus1.ua/
43 B
145 B
Image
General
Full URL
https://assay.1plus1.ua/piwik.php?action_name=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&idsite=6&rec=1&r=590947&h=9&m=32&s=5&url=https%3A%2F%2F2plus2.ua%2F&_id=05650d03634247ce&_idts=1650965526&_idvc=1&_idn=0&_refts=0&_viewts=1650965526&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=327
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
assay.1plus1.ua
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
none
server
nginx
content-length
43
x-frame-options
SAMEORIGIN
content-type
image/gif
analytics.js
www.google-analytics.com/ Frame 1E9D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4494
date
Tue, 26 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 26 Apr 2022 10:17:11 GMT
vunit
a4p.adpartner.pro/ Frame 1E9D
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/vunit?id=1412&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
1513d4318a1dd86dc18b04a7c79d4881f71be210132625d7dbff1ebad0ea5b5c

Request headers

Referer
https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=51871773489982840&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
450887889857312
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/450887889857312?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
IFq1NqkVQLZAOiSsUR5XUm+76ZOCHGaD4ZtJJKJA+m0pE9RpmYDe/iCeeZy9SFXlV+3s73CaVHLihU0L2i2KmA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 26 Apr 2022 09:32:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1650965525984
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=751794705&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1410361638&gjid=1393738071&cid=1097530106.1650965526&tid=UA-3838466-26&_gid=1694986559.1650965526&_r=1&gtm=2wg4k0W2BBRKX&z=1998725557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=751794705&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=506893001&gjid=955144146&cid=1097530106.1650965526&tid=UA-113262294-1&_gid=1694986559.1650965526&_r=1&gtm=2wg4k0W2BBRKX&z=1163221689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
l.js
api.1plus1.video/u/ Frame 997D
898 B
2 KB
Script
General
Full URL
https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650965525814
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
973d6e263b708df291263bd059652e4716d9ad4bf51da9a87f26c3e4a5d7e4a0

Request headers

Referer
https://1plus1.video/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://1plus1.video
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
gtm.js
www.googletagmanager.com/ Frame 997D
118 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76
Requested by
Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
972488e1cac62fa8e5f2fbdd3714a2fbdfee7a5f8a817331be2ba3a95e4bb0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44668
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 09:32:05 GMT
analytics.js
www.google-analytics.com/ Frame 997D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4494
date
Tue, 26 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 26 Apr 2022 10:17:11 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KRRGZR24WG&gtm=2oe4k0&_p=751794705&_z=ccd.NbB&cid=1097530106.1650965526&ul=en-us&sr=1600x1200&_s=1&sid=1650965525&sct=1&seg=0&dl=https%3A%2F%2F2plus2.ua%2F&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jsunit
a4p.adpartner.pro/
12 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.3794824932799512
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
b27bc4768c4299babb24e9953b06abb109dd75b5ee23d8aec2ae96d821363aa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:05 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame C08A
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25220bd1f457-d36b-4630-87bc-e02d7106f2e1%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2067646%252C%2522rule_id%2522%253A184166%252C%2522show_id%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522ea7106e6-030e-424a-b76f-4c16b2c21c42%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 26 Apr 2022 09:32:05 GMT
expires
0
pragma
no-cache
server
nginx
rexdot.js
gaua.hit.gemius.pl/__/_1650965525921/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2...
  • https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.u...
169 B
470 B
Script
General
Full URL
https://gaua.hit.gemius.pl/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
74629f7d3f6367a7fcec7e541f25fbec57fba2552fa7d41ed7f6b7af9e0849e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Mon, 25 Apr 2022 09:32:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:05 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1650965525921/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=455&lsdata=JcUn.umjW3lOnsQ0s916SP_1nXVPRKVXIBa98E7c2WP.S7BM8kAg8MjrodPsG30sYZNCdiwnQP6Ei4HhJGAhdqW.0oCj/OqmQrabDcTrlk/&fpdata=9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 25 Apr 2022 09:32:05 GMT
api.auth.0.0.5.js
api.1plus1.video/static/js/ Frame 997D
108 KB
33 KB
Script
General
Full URL
https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650965525814
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 11:58:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:30:28 GMT
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&gjid=1393738071&_gid=1694986559.1650965526&_u=YEBAAAAAAAAAAC~&z=898602853
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 26 Apr 2022 09:32:06 GMT
content-type
text/plain
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
jsunit
a4p.adpartner.pro/
23 KB
6 KB
XHR
General
Full URL
https://a4p.adpartner.pro/jsunit?id=7803&unit_id=7803&shown=&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&ref=&reload_count=0&banner_num=1650965525936096232&is_in_viewport=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7803&ref=&0.3794824932799512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
2cec75957c7622402fd8427afd02bd2249b749678a35f052774fbee3842795a5

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
clarity.js
d.clarity.ms/s/0.6.34/
53 KB
23 KB
Script
General
Full URL
https://d.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/al26fychxj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
br
etag
"1d855ec0f04ce54"
last-modified
Fri, 22 Apr 2022 01:55:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
api.auth.css
api.1plus1.video/static/css/ Frame 997D
56 KB
9 KB
Stylesheet
General
Full URL
https://api.1plus1.video/static/css/api.auth.css?_t1033400193566
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Aug 2020 07:12:56 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:32:06 GMT
api.js
www.google.com/recaptcha/ Frame 997D
925 B
998 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Tue, 26 Apr 2022 09:32:06 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=450887889857312&ev=PageView&dl=https%3A%2F%2F2plus2.ua%2F&rl=&if=false&ts=1650965526154&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650965526153.668903437&it=1650965525773&coo=false&exp=p1&rqm=GET
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 26 Apr 2022 09:32:06 GMT
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&_u=YEBAAAAAAAAAAC~&z=1339365714
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=1097530106.1650965526&jid=1410361638&_u=YEBAAAAAAAAAAC~&z=1339365714
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 997D
5 KB
665 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1033400193566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://api.1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:16:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 09:32:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 09:32:06 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

c
prebid.a-mo.net/a/
0
0

i
ads.adnuntius.delivery/
4 KB
2 KB
XHR
General
Full URL
https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04beacc279624ccef5244d9419e8733b4b3e44357844d7bf4a0cb58c795e5f7e

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id
a205164bc30f6e1026e9023bf0b9f0dd
x-adn-backend-server-id
fcb8edb3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1181
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Db88ZMEG%2FA4tVZj3pxsQZ5T9eTstD%2F5SD1Yg6HFZs5o6TK04yJ8K5uao3r7%2BMKIr2SrJF1Lh%2Bi9b1Had02390MXXNds9Hn4Dyrl5ob91Evzk%2FxDNGKjd%2FN06MRRAguzgzowrTkDOqBWOmOdoxDjmQ%2Fubu8hP"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://2plus2.ua
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
701e4f2bcdd65476-LHR
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid.1.2.aspx
inv-nets.admixer.net/
42 B
499 B
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://2plus2.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
arj
adtelligent-d.openx.net/w/1.0/
0
0

cdb
bidder.criteo.com/
0
211 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=65916327169
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://2plus2.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/
0
0

prebid-request
onetag-sys.com/
15 B
356 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://2plus2.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ghb.adtelligent.com/v2/auction/
3 KB
661 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
86bd644fe7df3d8a25c96f0390d85fcbbe612c1a5c9d12165b3bdf6991ec47a4

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://2plus2.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
380
/
ghb1.adtelligent.com/v2/auction/
0
0

bids
prebid-eu.creativecdn.com/bidder/prebid/
0
171 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:06 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

bid
a4p.adpartner.pro/hb/
3 B
250 B
XHR
General
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8047&sizes=1440x180&referer=https%3A%2F%2F2plus2.ua%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
ROS
pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2...
433 B
844 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ab57099a74901db82b48617000c501bfcbad9d03dc660be639b3fb124ae374f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://2plus2.ua
expires
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
433
x-sid
AMS-744

Redirect headers

date
Tue, 26 Apr 2022 09:32:06 GMT
server
openresty
access-control-allow-origin
https://2plus2.ua
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.7605878515659497&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-744
csyncs
ghb.adtelligent.com/
302 B
504 B
XHR
General
Full URL
https://ghb.adtelligent.com/csyncs?aid1=648466&aid2=648467&aid3=undefined
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://2plus2.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
223
1px-matching-adpartner.gif
t.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
uid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
s.uuidksinc.net/match/798/
74 B
242 B
Image
General
Full URL
https://s.uuidksinc.net/match/798/uid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
0bd1f457-d36b-4630-87bc-e02d7106f2e1
go.rcvlink.com/mtch/31/
43 B
110 B
Image
General
Full URL
https://go.rcvlink.com/mtch/31/0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

hn
b25
date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/
43 B
256 B
Image
General
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B
Image
General
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
193.232.150.61 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp21.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
x-backend-id
f21-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f21-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm-eu.hybrid.ai/
0
239 B
Image
General
Full URL
https://dm-eu.hybrid.ai/match?id=177&vid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
526
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/
0
110 B
Image
General
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 26 Apr 2022 09:32:06 GMT
Server
nginx/1.18.0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F18BC67624000572602A347B5&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
43 B
454 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
last-modified
Tue, 26 Apr 2022 09:32:08 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 26 Apr 2022 09:32:08 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F18BC6762770AA80302182506
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F18BC67623D002E2602523694&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
43 B
454 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
last-modified
Tue, 26 Apr 2022 09:32:08 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 26 Apr 2022 09:32:08 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F18BC6762770AA80302182506
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Tue, 26 Apr 2022 09:32:07 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Tue, 26 Apr 2022 09:32:07 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=ba589e51-2265-5374-aeeb-e029cc8c5c3f
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
last-modified
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=bfeed611-ec73-4470-734b-1b0e95fdb0cf
date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:06 GMT
last-modified
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
date
Tue, 26 Apr 2022 09:32:06 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
no-store no-transform
server
nginx
content-length
146
content-type
text/html; charset=utf-8
625044d428d11t1649427668r812.jpg
i.cdnkimg.com/image/banner/2537/537/ Frame C087
96 KB
96 KB
Image
General
Full URL
https://i.cdnkimg.com/image/banner/2537/537/625044d428d11t1649427668r812.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.36 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
cc200db20b472f3fbff4925ed24a4bc198ba443ae2be35db1b15d69bde5a400f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
last-modified
Fri, 08 Apr 2022 14:21:08 GMT
server
nginx/1.19.0
etag
"625044d4-17eef"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 10 May 2022 09:32:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
98031
x-proxy-cache
HIT
if
a4p.adpartner.pro/tracker/ Frame 858B
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 26 Apr 2022 09:32:06 GMT
expires
0
pragma
no-cache
server
nginx
recaptcha__uk.js
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 997D
395 KB
147 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__uk.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.video/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150075
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 04:06:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 17:42:33 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Server
VertaMedia 1.0
Etag
1196309b3e816481
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1
date
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
g_pbto
1x1.a-mo.net/hbx/
0
89 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1650965526429&eid=767afd1ab9f4202
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.60.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-60-98.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2plus2.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2plus2.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
233 KB
56 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2493387618843531&correlator=1434928771658312&eid=31067241%2C31064225%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042101&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2CBranding%2C2plus2_300x250%2C2plus2_300x600_2%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=2000x1300%2C300x250%2C300x600%2C1440x180&ifi=1&adks=3753537382%2C3937908213%2C3276604062%2C2435792799&sfv=1-0-38&ecs=20220426&fsapi=false&prev_scp=Project_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650965526446&lmt=1650965526&dlt=1650965524356&idt=1032&biw=1600&bih=1200&adxs=-200%2C992%2C1015%2C-12245933&adys=50%2C645%2C1025%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2F2plus2.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=2000x-1%7C300x250%7C300x600%7C1600x-1&msz=2000x-1%7C300x0%7C300x0%7C0x-1&fws=516%2C4%2C4%2C644&ohw=1600%2C300%2C300%2C1600&ga_vid=1097530106.1650965526&ga_sid=1650965526&ga_hid=751794705&ga_fc=true&btvi=0%7C0%7C0%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4ad75e03b778cdde0407c388fd4606a531c03d8a7115ba26c36ddfaa0b80a2c5
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLJ--21sfcCFQendwodBU8GWQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14495005349147051939/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLJ--21sfcCFQendwodBU8GWQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14495005349147051939/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-2,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56907
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Tue, 26 Apr 2022 09:32:06 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://2plus2.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E952
6 KB
4 KB
Document
General
Full URL
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:06 GMT
expires
Wed, 26 Apr 2023 09:32:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Apr 2022 09:32:06 GMT
xgemius.js
gaua.hit.gemius.pl/
43 KB
12 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 06:09:03 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
11715
expires
Tue, 26 Apr 2022 21:32:06 GMT
/
www.facebook.com/tr/ Frame F5B5
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://2plus2.ua
Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://2plus2.ua
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:06 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
d.clarity.ms/
0
65 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:06 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
hls.light.min.js
1plus1.video/static/player/js/ Frame 997D
153 KB
53 KB
Script
General
Full URL
https://1plus1.video/static/player/js/hls.light.min.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front02.1plus1.ua
Software
nginx /
Resource Hash
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 13:06:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:31:53 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Apr 2022 09:32:07 GMT
c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ Frame 997D
512 KB
512 KB
Image
General
Full URL
https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 23 Feb 2022 17:22:14 GMT
server
nginx
etag
"8cdf6bac6c3c122e283456481462d852"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
523866
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
truncated
/ Frame 997D
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 997D
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:47:37 GMT
x-content-type-options
nosniff
age
557070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:47:37 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 997D
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&amp;subset=cyrillic-ext,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1plus1.video
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options
nosniff
age
557220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:45:07 GMT
gplayer.js
gaua.hit.gemius.pl/ Frame 997D
22 KB
6 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/gplayer.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:06 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 06:09:03 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
5978
expires
Tue, 26 Apr 2022 21:32:06 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame B45C
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B45C
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
truncated
/ Frame B45C
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9fd8cf5de47bf7b6f2160006e2a30f43a2a6437ff93444e6ca9c732f544a6ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 18ED
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 18ED
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
342049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 10:31:18 GMT
css
fonts.googleapis.com/ Frame 18ED
6 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:53:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 09:32:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 09:32:07 GMT
css
fonts.googleapis.com/ Frame 18ED
4 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:17:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 09:32:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 09:32:07 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B45C
37 KB
37 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTlghUfl_cRx7LXnmevCn225HG20nXNP_Y8AnTjrZDOoC_7Uu8lhMNcwg05ug&usqp=CAI
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612999f15d4c68749d64849c8fde74ed475f57a9696bb8de13a537af5c7b3527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 05:24:07 GMT
x-content-type-options
nosniff
age
14880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37724
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 23:20:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 26 Apr 2023 05:24:07 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B45C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdoO_FrxnYsDmIIfO3gOFnpnIBZei_N5p9pOz_O8O0-D1p8EqEAEg_f-FI2CVopKCoAegAfG1uKECyAEGqQIvPeS4UgGyPuACAKgDAcgDCqoElgJP0MDrfj_08Ut5VLaeclw_BE8JxR5UzaX1eYllHt9G7yZxd5LowZ9m0kQVBUkWN2NqUeG3Ii6cly4UBX62ykXL5yDqM84k3rMauxCH8EC3rz_lZbY0hzWLuMZegkEA_wJI5131qxyr2iDnpWpYQHqtyRwVXbi5e6q_P4_qUoyjAQoAbcY6VE7vNfVtUmwPXMD20DuFOJ_1v2dZdYnnsBzaREBp61LYoAywkCWAJkTKo-pNFuysO8Wr4jjyjeWKm9cYgGqGa0Ql51P5KYWc4p2h4ZNWREx_BuTQDtAxkhMPIgKY8DiEnDpqb73_9hZDVEaLMGm-Wk-8tVhT8X19O_5n3iyPrnaF1FjoLzJGM7kXCeM_NJsRGMAE7ffVw-ID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_fJx94BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEOXjDdIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=HfGUKOMlPu4&uach_m=[UACH]&template_id=493
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B45C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 11:05:03 GMT
x-content-type-options
nosniff
server
cafe
age
80824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14587847488922671356
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Tue, 26 Apr 2022 11:05:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B45C
344 B
806 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
9953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 27 Apr 2022 06:46:14 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 18ED
20 KB
21 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQq2iCR0qZ-KciQ2PuUcHJaW9OJoPSnUtD7gWtvIqFf7XeJorFDx-VI3-pNng&usqp=CAI
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ce00474eccffb0b1082392a553aebc5279bafc53137b9affe3be3a507e7197c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 09:45:38 GMT
x-content-type-options
nosniff
age
258389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20382
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 11:28:53 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 23 Apr 2023 09:45:38 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 18ED
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345346
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Apr 2023 09:36:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 18ED
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTendFrxnYsHmIIfO3gOFnpnIBarW6-NpxozdidgPnMXI0IMwEAEg_f-FI2CVopKCoAegAYyhifECyAEGqQId1IFuCCtyPuACAKgDAcgDCqoEhAJP0JNenYcwS5o3lAPL4_gBkVJrS6Lo4A7wT7BV0tJ6492PzJ3CnmsipGAM8QWeCQwmc1ynAcM9U1CUfJ72SLxfNisdAX5dXSvx-fVbRKIVZ53k9YAVE5jLRFx5SRETv4wgIlMWlJdHm_MgtHJSKMmLgsOvMc6CiXaQQS0N4xQbzszaAoQZVm9vEuirerhrC0rMVqiF52XQ2HzkdLja3N7B7C-oSMudS1xlmEW3HeR1fV0J0kC08_V2oyekYHt8sNFijf40orF6ACpYGS0PVTCmx_t84lKMLD7mLGl0OMp2IgxN_uEfWhN_XFuzKRDrjw-hvnh9VWpHEy1sZDgn-dFcQ140fMAEx_-T6YcE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB6uU4aUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEI6nG9IICQiI4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=moFH5oocQ5w&uach_m=[UACH]&template_id=493
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

l
www.google.com/ads/measurement/ Frame 18ED
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRO2uLh61M-EUVJYlQ3k-RhoWt8CZk8Z5bwM0H3KnGuijdEA3i_Gr6Sb5NrCu3FQgR_0K5lkdAAdC-I8T9jP_0QnYGgGQ
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18ED
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 11:05:03 GMT
x-content-type-options
nosniff
server
cafe
age
80824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14587847488922671356
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Tue, 26 Apr 2022 11:05:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 18ED
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
9953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 27 Apr 2022 06:46:14 GMT
4844
api.1plus1.video/v2/ua/recommendation_projects/ Frame 997D
5 KB
2 KB
XHR
General
Full URL
https://api.1plus1.video/v2/ua/recommendation_projects/4844?cid=12XPPTDu&vct=3&_t666237147123
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
26b24e45de221324896ebf42fc5982d8387c8672aace4eee6ac923b21fb2cac7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Apr 2022 09:32:07 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://1plus1.video
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
container.html
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE12
6 KB
3 KB
Document
General
Full URL
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:06 GMT
expires
Wed, 26 Apr 2023 09:32:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gemiuslib.js
gaua.hit.gemius.pl/ Frame 997D
41 KB
11 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/gemiuslib.js
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 06:09:03 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
11182
expires
Tue, 26 Apr 2022 21:32:07 GMT
api.chat.0.0.1.js
api.1plus1.video/static/js/ Frame 997D
33 KB
13 KB
Script
General
Full URL
https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 09:32:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 14:15:45 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 26 May 2022 09:30:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 997D
376 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Tue, 26 Apr 2022 09:32:07 GMT
truncated
/ Frame 18ED
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f820412f4f7f54413ebc4709e5cf4794d068d45004692771fb7b8823cc117a3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2plus2.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:29:47 GMT
x-content-type-options
nosniff
age
352940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Apr 2023 07:29:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2plus2.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options
nosniff
age
588606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 14:02:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 18ED
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2plus2.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
373546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Apr 2023 01:46:21 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=751794705&t=event&ni=1&_s=2&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1tr9yiw&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=1097530106.1650965526&tid=UA-3838466-26&_gid=1694986559.1650965526&gtm=2wg4k0W2BBRKX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fal26fychxj%2Fzpa4yx%2F1tr9yiw&z=1554127011
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 15:30:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64897
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ Frame 997D
86 KB
87 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 19 Jan 2022 15:43:20 GMT
server
nginx
etag
"90f688b5780469424dc2f50e497a080f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
88537
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ Frame 997D
59 KB
60 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Thu, 20 Jan 2022 12:33:22 GMT
server
nginx
etag
"8bae3cce1b9ac9a8d0dc652c45b532de"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
60741
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ Frame 997D
32 KB
32 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by
Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=e5d7a0e0edee2e1241fd9b3cb5108a742a385aed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 19 Jan 2022 15:44:36 GMT
server
nginx
etag
"051dae29b6412985e0d02f1883f31c84"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
32599
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
200x335.jpg
images.1plus1.video/playlist-1/41551/ Frame 997D
9 KB
9 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/41551/200x335.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:17:24 GMT
server
nginx
etag
"c6748e2cfd7e4055f74da8f1ff19ffa4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
8833
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
200x335.jpg
images.1plus1.video/playlist-1/9960/ Frame 997D
14 KB
14 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/9960/200x335.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:02:02 GMT
server
nginx
etag
"d341bae25e9d8c82ed89d493016581f7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
14487
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
220x330.jpg
images.1plus1.video/playlist-1/44376/ Frame 997D
14 KB
14 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/44376/220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:18:50 GMT
server
nginx
etag
"396db528b829a5251e8fc08d8ff63368"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
14386
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
200x335.jpg
images.1plus1.video/playlist-1/48/ Frame 997D
12 KB
12 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/48/200x335.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 06:54:58 GMT
server
nginx
etag
"2fc219c3f164ac38c04373b9337a23ee"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
11853
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
6377a284bdacb578df4878bc8331958f.220x330.jpg
images.1plus1.video/playlist-1/7444/ Frame 997D
42 KB
43 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/7444/6377a284bdacb578df4878bc8331958f.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 26 Aug 2020 15:52:34 GMT
server
nginx
etag
"ffb806c41dc466bdf688de555519a6ee"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
43433
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
images.1plus1.video/playlist-1/103957/ Frame 997D
74 KB
74 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/103957/55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 03 Feb 2021 13:04:39 GMT
server
nginx
etag
"f6b24d693a392d33eccdd561badd41d4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
75576
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
220x330.jpg
images.1plus1.video/playlist-1/46079/ Frame 997D
16 KB
17 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/46079/220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:19:12 GMT
server
nginx
etag
"49f87d8676cf58992125d43f8dfe90bd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
16618
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
200x335.jpg
images.1plus1.video/playlist-1/41106/ Frame 997D
13 KB
14 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/41106/200x335.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:17:14 GMT
server
nginx
etag
"0320d58c71f341a6792beac800431198"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
13823
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
images.1plus1.video/playlist-1/7442/ Frame 997D
53 KB
53 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/7442/c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 23 Oct 2019 08:24:22 GMT
server
nginx
etag
"05c80966c5cb92f8fc27ec548a7ea448"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
54238
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
images.1plus1.video/playlist-1/126226/ Frame 997D
47 KB
47 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/126226/56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Tue, 09 Mar 2021 11:43:06 GMT
server
nginx
etag
"63d497ab8c8f34bcf71c318a6f3101bb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
48068
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
1757fcb6a34daa11f893254fee0138b4.220x330.jpg
images.1plus1.video/playlist-1/7446/ Frame 997D
42 KB
43 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/7446/1757fcb6a34daa11f893254fee0138b4.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 26 Aug 2020 15:50:23 GMT
server
nginx
etag
"f2333e2ee23e5c2e678d7020c404c167"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
43372
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
images.1plus1.video/playlist-1/7441/ Frame 997D
43 KB
43 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/7441/59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Wed, 26 Aug 2020 15:55:10 GMT
server
nginx
etag
"2a81b5e2906718ff87f0cab7caa5818e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
44174
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
200x335.jpg
images.1plus1.video/playlist-1/10772/ Frame 997D
14 KB
14 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/10772/200x335.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 27 Oct 2017 07:02:21 GMT
server
nginx
etag
"26ad09546b4e87969d932db4f3ddc063"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
13879
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
228b454045e09c310f5527498a6a5ce1.220x330.jpg
images.1plus1.video/playlist-1/120214/ Frame 997D
81 KB
82 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/120214/228b454045e09c310f5527498a6a5ce1.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Mon, 08 Nov 2021 14:27:00 GMT
server
nginx
etag
"71bf4a961435d1e5ba11acad363e4916"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
83351
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
images.1plus1.video/playlist-1/659/ Frame 997D
37 KB
38 KB
Image
General
Full URL
https://images.1plus1.video/playlist-1/659/12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
images.1plus1.ua
Software
nginx /
Resource Hash
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Fri, 26 Jun 2020 10:56:32 GMT
server
nginx
etag
"e245ad3d562db3f3947df4042e215baa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
content-length
38340
accept-ranges
bytes
x-1p1-cdn
BYPASS; Tue, 26 Apr 2022 09:32:07 GMT
expires
Tue, 03 May 2022 09:32:07 GMT
fpdata.js
gaua.hit.gemius.pl/ Frame 997D
281 B
353 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
59b6c9f2c6971abbcad2e331ab235df6fd62693258bad4c25d5b5396c6c7cd9f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Thu, 26 May 2022 09:32:07 GMT
lsget.html
ls.hit.gemius.pl/ Frame C369
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
0b016144dd49628a11a5593d42bd4e909e6151a940fb035474dcac20557e1a90

Request headers

Referer
https://1plus1.video/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:07 GMT
etag
PRIVATE7520710249
expires
Thu, 26 May 2022 09:32:07 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/ Frame DFCB
12 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0117e5b51a0f56d9da8a8677faa0cef607b306784f3334e9a4e003f3171a076
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
170481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3315
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 10:10:46 GMT
expires
Mon, 24 Apr 2023 10:10:46 GMT
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2DD5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvcT7FrxnYsLmIIfO3gOFnpnIBczb0-hpwpivrKoOrgIQASD9_4UjYJWikoKgB6AB0Maj4QPIAQmpAqjT39Urs3s-4AIAqAMByANIqgSYAk_Q6TPPNZHkWVlv-3bzjvxEKj4tt5nEECmyALw6GAiXT0tLPbsBBtpYLT8se8QUYXcdwWOo_1J04VaBjMMoNzObmnAWX_tQsQY0g5JfS2wvyw-LEgzP4FOMNNHKtFj7RGL7gZIICWv0KkusEY7uXCvDCLa5XjkNAbvVv5k6x-GBiavGHktZJNBQ0oZcUmPgwPDyELE3zpQeYOekLFlHfzhKtoav7Dd7nNQ1Grkh8xavSuo8krsOK-RAzpKYZOqqxBHkznpG-I0mVXwAb1WTcG7g5XF7AH4mFEtMuejsP_ZF4C6brOsL-RZ7KybOkZ7DYMCdcvxbSLb3AV-mnYwDcOgM3mPpEYNB6Xz6mnmbayL9CLNARR6n51TABN-X4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYugAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQkvaUAdIICQiI4YAQEAEYHYAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=a8EO7sPIsNI&uach_m=[UACH]&template_id=419
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/ Frame 2DD5
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/abg_lite_fy2019.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 May 2022 09:21:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 2DD5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 May 2022 09:29:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DD5
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:32:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 2DD5
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 May 2022 09:26:45 GMT
l
www.google.com/ads/measurement/ Frame 2DD5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAC7-EeAIPczGVneB2icrOGpy51n2BkkezZpVo5R-t-9yibMlaM_t0eOMmctiidbXOM6HSas_K3jDI6_1URf6RUCqGqQ
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

redot.js
gaua.hit.gemius.pl/_1650965527368/ Frame 997D
2 B
200 B
Script
General
Full URL
https://gaua.hit.gemius.pl/_1650965527368/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1650965527507%7C_SP%3D12XPPTDu%7C_SPD%3D2plus2.ua%7C_SPV%3D100%7C_SPR%3D655x370%7C_SC%3D12XPPTDu%7CcurrentDomain%3D2plus2.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D4844%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D655x370%7C_SCT%3DChomu%20ne%20varto%20vikladati%20fotografiyi%20ukrayinskoyi%20tehniki%20ta%20vijskovih%20v%20internet%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DNWS_2P2%7C_SCD%3D210%7C_SCTE%3DVideo%7C_SCPD%3D20220223%7C_SCTY%3D12%2F00%7CcontentType%3Dnegative%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2F12XPPTDu%3Fautoplay%3D0%26l%3Dua%26logo%3Dplus2&ref=https%3A%2F%2F2plus2.ua%2F&screen=1600x1200r1000&col=24&window=655x370&ltime=129&lsdata=Loew1hxEeGH_n4yAnjCZLrQ1MIqjR48Inn5_SdtmqOT.S7eBTYs1x7Fi1ycQATB0xJMHFgTFX.hv3Lo.GGic7Ek8KpF8/BaATO3Oc1DcpJ/&fpdata=-TURNEDOFF&vis=1
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:07 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Mon, 25 Apr 2022 09:32:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B45C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Tue, 26 Apr 2022 09:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 18ED
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Tue, 26 Apr 2022 09:32:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DFCB
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 09:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 26 Apr 2022 09:36:14 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DFCB
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 26 Apr 2022 16:13:39 GMT
efd5af212b790b949ef103480dddb5e7.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/ Frame DFCB
69 KB
18 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/efd5af212b790b949ef103480dddb5e7.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
407565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18481
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Thu, 21 Apr 2022 16:19:22 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 16:19:22 GMT
multitracking
ghb.adtelligent.com/adunit/
0
197 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458601/hbw_master_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://2plus2.ua
Date
Tue, 26 Apr 2022 09:32:07 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
bridge3.512.0_uk.html
imasdk.googleapis.com/js/core/ Frame CBFC
631 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1plus1.video/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
480777
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209646
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:59:10 GMT
expires
Thu, 20 Apr 2023 19:59:10 GMT
last-modified
Wed, 20 Apr 2022 19:54:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 997D
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Apr 2022 09:32:07 GMT
integrator.js
adservice.google.com/adsid/ Frame 997D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1plus1.video
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Apr 2022 09:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 03F6
143 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
URL: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 09:06:39 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 161D
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://1plus1.video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 08:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:34:23 GMT
truncated
/ Frame 2DD5
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff010926c781963aa59329983e6b4a7d4108151db014b34539fdc7e95434b44

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
93e3ffb0e5b6fdce462eba20f114fad0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
56 KB
56 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/93e3ffb0e5b6fdce462eba20f114fad0.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73bf56ea6f8351f43256926aca4e9fde6c2b6611d2d0a2e8b502333e9675529f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57070
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Tue, 19 Apr 2022 19:40:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Apr 2023 19:40:22 GMT
eadbb2c04084f27a632db891e2f0bb52.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
49 KB
49 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/eadbb2c04084f27a632db891e2f0bb52.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbcf722da0e822fa4b7af6e0f9f5abd5b5027c8a7ce366fee906eb84a6ec8bfb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49883
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Tue, 19 Apr 2022 19:40:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Apr 2023 19:40:22 GMT
e81dd9b29adfa0844421d6261616836d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/e81dd9b29adfa0844421d6261616836d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
353a5e4a7611107a43e8489d208bbb4866ffa68d95da0928af78a3dd7cf1bf93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
430452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3108
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Thu, 21 Apr 2022 09:57:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 09:57:55 GMT
c40e2a405217449e27199d726bf1d54f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
9 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/c40e2a405217449e27199d726bf1d54f.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fdb2789e08860f01c985cc2d7d6133bcb5820c437bf76f5a82e88b121479b86
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
594676
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2016
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Tue, 19 Apr 2022 12:20:51 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Apr 2023 12:20:51 GMT
a5ccecbe3fe07ecc3047dbbe39877127.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/a5ccecbe3fe07ecc3047dbbe39877127.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1548772caa46793e03847e6238ecb26258270f399d6103f80ad3d14ebf266d03
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
407565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9036
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Thu, 21 Apr 2022 16:19:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 16:19:22 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 03F6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
167 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
URL: https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
Tue, 26 Apr 2022 09:32:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 09:32:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
collect
d.clarity.ms/
0
48 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:07 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
a9dcaf2678123761a5f1cdf22850746c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/ Frame DFCB
4 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/media/a9dcaf2678123761a5f1cdf22850746c.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14495005349147051939/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b530fdd5766c37515bb33566d4674ae5c5567ed8973d48fd366004c5c212dc70
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
407565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 18:10:14 GMT
server
sffe
date
Thu, 21 Apr 2022 16:19:22 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 16:19:22 GMT
if
a4p.adpartner.pro/tracker/ Frame 0472
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame ECF1
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220bd1f457-d36b-4630-87bc-e02d7106f2e1%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22cost%22%3A0.0021380956177334%2C%22dsp_id%22%3A51%2C%22rule_id%22%3A0%2C%22show_id%22%3A%229cbf18a5-ee0d-4d56-a436-103d73d0fe43%22%7D%5D%2C%22unit_id%22%3A7803%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252F2plus2.ua%252F%22%7D
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
0
pragma
no-cache
server
nginx
/
api.1plus1.video/home/vmap/ Frame CBFC
753 B
1 KB
XHR
General
Full URL
https://api.1plus1.video/home/vmap/?s=2plus2.ua&r=YUhSMGNITTZMeTh5Y0d4MWN6SXVkV0V2&w=655&h=370&c=12XPPTDu&d=web&p1v=0&pid=4844
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
front03.1plus1.ua
Software
nginx /
Resource Hash
dbc5a24f3b39d3bcf13a725f7b352f8ecc7f23672ff9b4832d2dbf4976bf04b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Apr 2022 09:32:08 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15
Expires
Thu, 19 Nov 1981 08:52:00 GMT
d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
pagead2.googlesyndication.com/bg/ Frame DFCB
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 08:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 08:07:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DD5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0LzwD3WOFf0joifZSClvcWOVNeZRrIkReB50vNuao3baKQUVBJ5b1K3n3L8kY3VI1JoraDeJNN3QNTAI9HH_F8KBm_p7mgW8RJUnO8xljQg24br6AKTEq1wvZKbyelx0mCQmoaG3iRFrE&sai=AMfl-YTBjXm1wLAQufWlFO4RgjcxugBK5kMCIq1uxMldbyKRplxHtHIL4mvcX4qvmrR4mR5DppZd38AuYO8_3fauv36cHlWkLLoXzhp9vQ96Jz2A3ejszkkc4L1nf31Fbow&sig=Cg0ArKJSzASTWiNyroPuEAE&id=lidar2&mcvt=1000&p=1020,80,1140,1060&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2435792799&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650965527209&rpt=392&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B45C
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQmhfAgPbtkVEnDSlY_NSe_DHkNxGn-s1yItlDRoKwGHYplopzmPJaqkLncXlFnvwzeAdcS2Me0I7YoOwQBxMyIiZeNukr4IEYEbZwg23ZYdCBuqUEeQ&sai=AMfl-YTL9eHjWWWC0J6JVTMQBHXUJh1gQHpiTlUJNk9r8tW0dAItndroyzNVrZYQjLlqK3iL7jKTnHm-UPBiSoZGG6vKHTv0GaZUyBe4wgzeovCeD7j1CBYchg4KZ6xrnR0&sig=Cg0ArKJSzMyHHxShZsrmEAE&id=ampim&o=992,645&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=674&tls=1674&g=99.95833039283752&h=99.95833039283752&tt=1674&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3937908213
Requested by
Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&RedC=c.clarity.ms&MXFR=09785F38D0386A0837E04EAAD4386415
  • https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8556F6916CC34505A8157C0A20E1FA79 Ref B: FRA31EDGE0617 Ref C: 2022-04-26T09:32:09Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=26FB80642D3E4FE7BC7D8081F48BCF0F&MUID=3287A780370E6F730134B61236856E6E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f5f2e26f64f54c9515ff82a2b3958ac46c438ebb3f53459a5fcb89cd03d49b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Apr 2022 09:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
syncframe
gum.criteo.com/ Frame DBE3
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5136
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:08 GMT
server-processing-duration-in-ticks
2796
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:32:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5FC9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:08:46 GMT
expires
Wed, 26 Apr 2023 09:08:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E92A
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4bb408a78beb4f02b5289339069a7d8ea6353d26834b5e0259509c8f8d8d75f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5yLWRIuMEBGuHLd5pvDVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-5yLWRIuMEBGuHLd5pvDVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
Tue, 26 Apr 2022 09:32:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame DBE3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2Wn...
417 B
628 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6bc87dfab52f0ec81f96fc75f58e5d357898701e94fde529c10de11db7625ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4899
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:08 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=kXwXnnxrUjRKUzUxU0xSQ1BRa0NEekxpUmFQVENPMENGbitoVU9kYVJoU2xSVExPV3p6d0xQd2szN21QbG1INUsySGIxUWxGTFgvUFJFNDdlRFl5NCtJS2tmNDZPQ0tKUXAzK3E0ZEpwNkxhUEtwajF6K1c0MzBIVlB2WnpvMHg1RXJnSkFhNEFFRTJiS3Jmb0VOZ0djakNZNG9Nb0phckpmamJvL1ZHbmtqSTdySG9KaXF5TUF2TWVWMWtidXBvL21nbUJncWUxSmd1VzdYUjNydmVHRHE0SFdJNGZxUnZpdHRjbkJsZFRmUXZ5Y1BxOFZkMlMvTHpWcENaR1Z4TnArYUFWWVd5dDhsc1VXMlZ5MnlZUlZZMzRndz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1971
content-length
541
expires
0
LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js
pagead2.googlesyndication.com/bg/ Frame 5FC9
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 20:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
480579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13647
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 20:02:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E92A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042101&jk=2493387618843531&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5FC9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?XIX_Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 09:32:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://2plus2.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1409
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSF...
400 B
652 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
773ebb63199b0a3f8eb61439688b29b50516a745d17cb9227ba6b6afa36cdca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3799
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 09:32:09 GMT
location
https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2plus2.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1939
content-length
541
expires
0
692.json
id5-sync.com/g/v2/
213 B
527 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458601/hb_298309_11708.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p27.id5-sync.com
Software
/
Resource Hash
3125c1ea83824995865371165e5021548dab498db363ada63d5b174d09c990d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://2plus2.ua
Date
Tue, 26 Apr 2022 09:32:08 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=bQcObHxENXB2cUpoM1ZaNTYwTDdoSzBCdVdLR1g3ZG5iQlE0dTBsMnAzclB3QWZWS2J0T09pN0gxQ2JhUzMwdFBrd2M2UGZCc0cyYmJCSXA2WHN0SHBjQ0NOakhqUU5VbjFPUkdCYU42cDNISGU3R0dxLzNXUnNDc1dDSFdkeVI5Y2hLTlcwZWtPK3REbElmTFR5VU5sSXBzMDRqSldYNXAwOUFhNHJkdHF6aVhIR3pZQTBYTXZReDZIT0NFbU1Ud0ptZHZkaUxIL0xSc1Y2Y0xXUHdZREMrWG0xOVMwV3p1ZVJVUFFCdnFveWhnVk1ranYxdXgxV3VHb3NHYk1nZjQ3VUJydDVmdGNWeGR4c1lBcGh6ayt6cmx6UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 26 Apr 2022 09:32:08 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1286
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042101&jk=2493387618843531&bg=!v7ylvPjNAAYXWUUuN1k7ACkAdvg8WjXE76jO6rjo_XRnUnt5WeDOirQRylpunN0wBV_VqesnH62CnwIAAABxUgAAAANoAQcKAAY3hBgA6J2ZAqezuaWh5x88VYwtdo3vVszCYVmxVUESuqaazvRGOOpdmFnSF0RItUN064VELyz0X-Nk2DKU-cpmhwHLgKBOKE14-_ZfcWjxly2u4KcjWwPy60UuIwqck0-yv2q2YVcyHapGlcsf3cXghkNy7TTpWmh4zddOQVjofzU1QcZlTiCqZwT2jY5395Hi0vAhPmF4-m0s_IBVFhfZIu4IkTmD_3hyuOoXynxp5tfMA_lB0dnlmsElWjRi_jtgWeBQ0zUVRdBmii9YiaXC9hAd1SioXlDeaw-jiGVoWmX-GFrN2y7AJBpaElBHE40WUb3i1dzOhedneJeRTrLMLiwX8DQjE_6uwI6nAxKO3Csb8fzN9YAnBjOG6vTehdzklnNMZsjgi0buj_bxt9xmr3eKebPBdtMYPkGnhBQb7r_H-Z-tEaDS1zByfzH0iEUdV9MTaGBBtKK3GeksoSfaNDJJ651tMPrZ5VsA0UCOuA1-DZnoKxZZRKnznWOpQklEGz_HY90hu-X2W4NvIi8jh6D5nyniHwP7j0FcQDNBeCPoD7WZTkkx1HLmZPDySxDpZzoCQYS4ejU1y0BK9YbQ5Wm366yr9tgexqTBWqFWi4WW0oVsTnwfGx5OeBxhjDTC5q266B0Tv0hQqmDXx09qcn2m7GP7GlLi7ouK383cwu3yy6pRpuHFbjHUj15KnANeuOnEsvrYZ-wWfre4846Scpg38WdKjUWXCaI1FoK6n9bvzJicVYoMBBMCxR9l5lBjI5QPxG8jqTC0r4brAP2Q2NyiBZ1t-saacERXnbU4l39xFJDvZPiBxQrqFRjauY5QcX_9Q2D2qutanAi_G_L3tZxy96TYJDmxpi4JI5_IQvdpQtQ0ObUS7sMnvPp6cnOS1IV1quU2VCYUTAHcma6V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2plus2.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

collect
d.clarity.ms/
0
48 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2plus2.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://2plus2.ua
date
Tue, 26 Apr 2022 09:32:10 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
tt
a4p.adpartner.pro/ Frame 8DC4
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=0bd1f457-d36b-4630-87bc-e02d7106f2e1&session_pageview=1&session_id=53cebb5e-8ad2-40b7-93eb-04119e24b261&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.21908007694621845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://2plus2.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Tue, 26 Apr 2022 09:32:16 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0aab71cf-ac55-4c2b-92ee-05e529e59a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.3212162122518394
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=10&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4fc49c15-a98c-44e9-9ef6-ac1392e56a3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.6947840756792001
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
adtelligent-d.openx.net
URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2plus2.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0c9cd2fc-b9eb-4677-b488-4b57f410cbc8%2C0aab71cf-ac55-4c2b-92ee-05e529e59a84%2C4fc49c15-a98c-44e9-9ef6-ac1392e56a3c%2Ccb202a04-3569-4169-9567-75331e150449&nocache=1650965526233&pubcid=9f8094a4-5736-442d-bc2e-7aaa4ce2af91&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=2000x1300%7C300x250%7C300x600%7C1440x180&divids=div-gpt-ad-1563887551234-0%2Cad-slot-1%2Cad-slot-2%2Cgpt-12470d54-a869-4446-90ea-5952de213ab5&aucs=%252F82479101%252F2plus2.ua%252FBranding%2523div-gpt-ad-1563887551234-0%2C%252F82479101%252F2plus2.ua%252F2plus2_300x250%2523ad-slot-1%2C%252F82479101%252F2plus2.ua%252F2plus2_300x600_2%2523ad-slot-2%2C%252F82479101%252F2plus2.ua%252Fcatfish%2523gpt-12470d54-a869-4446-90ea-5952de213ab5&auid=541177132%2C541177132%2C541177132%2C541177132
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ghb1.adtelligent.com
URL
https://ghb1.adtelligent.com/v2/auction/
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=0aab71cf-ac55-4c2b-92ee-05e529e59a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.007694851890766463
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9f8094a4-5736-442d-bc2e-7aaa4ce2af91%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=4fc49c15-a98c-44e9-9ef6-ac1392e56a3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.7563736927245857

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| googletag object| vmpbjs object| vpb object| _paq object| dataLayer function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| pp_gemius_identifier object| _opov object| head object| script boolean| canRunAds function| $ function| jQuery boolean| mCustomScrollbar number| dx object| ggeac object| google_tag_data object| google_js_reporting_queue function| vmpbjsChunk object| _pbjsGlobals undefined| google_measure_js_timing number| bannerNum string| scr object| div object| x number| len undefined| newScript object| adexOpt object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerVUnit object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| clarity object| JSON2 object| Piwik object| AnalyticsTracker function| piwik_log function| adpartnerVUnit object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| banner1412_51871773489982840 boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow undefined| getApuID object| shownAds7803 object| initRtb1650965525936096232 object| Criteo object| banner7803_1650965525936096232 object| banner1650965525936096232 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

59 Cookies

Domain/Path Name / Value
2plus2.ua/ Name: XSRF-TOKEN
Value: eyJpdiI6IlNLM0VHR2lrRTl2Q1liWUNqY2ZObVE9PSIsInZhbHVlIjoiQzhBODhqTmtNbFRmSWViQ3p3OEk4djV4UHhuOVlBSkRvZDZpZkZkbzhNRGJybjZJT0FueElHb2NJQVhycHhEKyIsIm1hYyI6IjI4NTVlNjdmOTZlNTA3YjBlM2U2MzE3YzkwZWRlNmNmYmYzMjA3NDQwYTdjMThmOTAzZWQxMmRkNTlmZTA2MTQifQ%3D%3D
2plus2.ua/ Name: 2plus2_session
Value: eyJpdiI6ImJBRkJERVFjclwvUzRzYVkxZDFjYnB3PT0iLCJ2YWx1ZSI6Ikt1ZHdlRmx5SUt6eHBuYTJcL05OYlMxUWlTcWh4RUhrNXk1NE1xWHRSSDFqRlZVUlhCYVUxcENGMGVWQSt4WHB1IiwibWFjIjoiYjQ5YjVmNjhiNDA2NDU2N2ZhNGQyNzZhNjJkOTRkNjA5ODVjNzBlYWYyYzliYWI2YzhlMmZjYmQ2MjkyNjk2MCJ9
.1plus1.video/ Name: _opov_sid_
Value: 736d07967vrj6369g8193a9off
2plus2.ua/ Name: session_id
Value: 53cebb5e-8ad2-40b7-93eb-04119e24b261
2plus2.ua/ Name: session_pageview
Value: 1650965525.1
2plus2.ua/ Name: site_visited
Value: 1651051925.1
2plus2.ua/ Name: lapuid
Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
2plus2.ua/ Name: _pk_id.6.87d8
Value: 05650d03634247ce.1650965526.1.1650965526.1650965526.
2plus2.ua/ Name: _pk_ses.6.87d8
Value: *
.2plus2.ua/ Name: __gfp_64b
Value: 9ArXRDrJC2ldCePhAgTIOQaFlzrggWyRq3VyJyYgIsr.P7|1650965525
a4p.adpartner.pro/ Name: apuid
Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
a4p.adpartner.pro/ Name: apudmg
Value: 1
.2plus2.ua/ Name: _gid
Value: GA1.2.1694986559.1650965526
.2plus2.ua/ Name: _gat_UA-3838466-26
Value: 1
.2plus2.ua/ Name: _gat_UA-113262294-1
Value: 1
.2plus2.ua/ Name: _ga_KRRGZR24WG
Value: GS1.1.1650965525.1.0.1650965525.0
.2plus2.ua/ Name: _ga
Value: GA1.1.1097530106.1650965526
1plus1.video/ Name: _opov_hid_l
Value: 5201373b-fd9d-597c-8479-1de057355ea7
www.clarity.ms/ Name: CLID
Value: a3b6f13f04cb45389f183a08db7486c4.20220426.20230426
.2plus2.ua/ Name: _fbp
Value: fb.1.1650965526153.668903437
2plus2.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.2plus2.ua/ Name: _pubcid
Value: 9f8094a4-5736-442d-bc2e-7aaa4ce2af91
.admixer.net/ Name: am-uid
Value: b763b7135ed2431285cde6d593c24017
pbjs.e-planning.net/ Name: CT
Value: 1
.ads.adnuntius.delivery/ Name: usi
Value: lws1!c5a5c438258e6f883ecd3cfcbade806a
.ads.adnuntius.delivery/ Name: sessionId
Value: 481a1488a41f36c7e0c164f375966cd2
.e-planning.net/ Name: E
Value: AOb19V45HEUANZGF
.2plus2.ua/ Name: _clck
Value: zpa4yx|1|f0y|0
.uuidksinc.net/ Name: jcsuuid
Value: 60qPSNzyK9kDLy8PpLe5
.eskimi.com/ Name: __eConsent
Value: 1
.adhigh.net/ Name: gi_u
Value: 5AykLz2UP17.AikABlGAZTa46Q
a4p.adpartner.pro/ Name: buyeruid_63
Value: bfeed611-ec73-4470-734b-1b0e95fdb0cf
a4p.adpartner.pro/ Name: buyeruid_64
Value: 0ef52fa8-e2d0-4907-6fa5-fe53e29fefa1
.2plus2.ua/ Name: __gads
Value: ID=7a215126f9b6f046-22d5b64883cd00c4:T=1650965526:S=ALNI_MZZQ2gXMJgNKJjFEheJ-_MnI9deuQ
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
.doubleclick.net/ Name: IDE
Value: AHWqTUlsqpduzK0Nk9ZQRXv5szwhRABwZwUGKLCLTyq_B45aJAnPhNxpqCdEsnrD6Ss
.2plus2.ua/ Name: _clsk
Value: 1tr9yiw|1650965527117|1|1|d.clarity.ms/collect
.adtelligent.com/ Name: vmuid
Value: 1196309b3e816481
.adtelligent.com/ Name: a307558
Value: 0bd1f457-d36b-4630-87bc-e02d7106f2e1
.betweendigital.com/ Name: ut
Value: Yme8FwABsZgztLjNdejBnclGPMeuweZmjIQbmQ==
a4p.adpartner.pro/ Name: buyeruid_47
Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
a4p.adpartner.pro/ Name: buyeruid_57
Value: ba589e51-2265-5374-aeeb-e029cc8c5c3f
.hit.gemius.pl/ Name: Gdyn
Value: KlSVwMaGQMQGC2TRFvhGpclissGMW1soL6nxmG712QnIwvaiGsRP5eSiGKGGqeBRgGlsle82syRPgSVgRMSG
.doubleclick.net/ Name: DSID
Value: NO_DATA
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWJnvBgDqAp3BiUYAmJeOGoscrd2t6ANPpLn+mxn85u8
.acint.net/ Name: cSyncDp14v3
Value: 1650965528
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWJnvBgmLgA9lDZSAoEMTy3Vf6ttGWiOGuz06RagonG+
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F18BC6762770AA80302182506
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F18BC6762770AA80302182506
.criteo.com/ Name: uid
Value: a4838966-fae9-45e7-ab95-eda32c527bd0
.c.bing.com/ Name: SRM_B
Value: 3287A780370E6F730134B61236856E6E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3287A780370E6F730134B61236856E6E
.c.clarity.ms/ Name: ANONCHK
Value: 0
.2plus2.ua/ Name: cto_bundle
Value: mHPXF19kWHpFcE5HbnVNdndtUzdNMHhpeFN2cjlqV093WG11bVRKY1hFNFltbk53R0duOG1mdUxWa1IzYXYlMkJ6RyUyQmdrZGZrM0tUSTZncUtJYUJ1YVU4NUxqVFd2RlNGM0JNODcxYTRibUlFazVSdkZreWNGWm1ZaEI3cXBSOE90OW5na1REM3pmbmFTYU9rcmhWUUhyNUZqd29RJTNEJTNE
.2plus2.ua/ Name: cto_bidid
Value: kHqJiF9MYThGJTJCRjBZczZueHM2RkFldjBYbFJuNHZtU1Uwa2FrMURQZVVlc2J6Vkp4NXZtQXJxOE1teXhWMGNMV3hBUk9JRUw0TDdWMDRtbFpHNG01M3pnWWQ0dzBQcVRrMmZEMGJ3TmRFbFNva0xFJTNE

3 Console Messages

Source Level URL
Text
network error URL: https://script.crazyegg.com/pages/scripts/0068/3674.js
Message:
Failed to load resource: the server responded with a status of 410 ()
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.video
1x1.a-mo.net
2plus2.ua
a4p.adpartner.pro
acint.net
ads.adnuntius.delivery
ads.betweendigital.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
api.1plus1.video
assay.1plus1.ua
bidder.criteo.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.mouseflow.com
connect.facebook.net
d.clarity.ms
dm-eu.hybrid.ai
dsp-trk.eskimi.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
exchange.buzzoola.com
f0009bcbdfe4baf56000cd1b0d8d600f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.cdnkimg.com
ib.adnxs.com
id5-sync.com
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
match.new-programmatic.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.adhigh.net
s.uuidksinc.net
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
ssp-rtb.sape.ru
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
www.acint.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
adtelligent-d.openx.net
fastlane.rubiconproject.com
ghb1.adtelligent.com
hbopenbid.pubmatic.com
ib.adnxs.com
prebid.a-mo.net
136.243.84.74
142.250.186.66
144.76.118.200
146.0.227.109
146.59.30.104
168.119.145.118
178.250.0.157
178.250.0.165
185.184.8.90
193.200.65.5
193.232.150.61
195.137.240.102
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.88
209.205.201.34
217.65.2.150
23.111.9.38
23.227.139.243
2606:4700:3030::6815:5525
2606:4700::6813:9408
2620:1ec:27::cafe:1734
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a00:1450:400e:801::2006
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
3.223.60.98
31.220.27.134
34.120.139.69
37.18.103.21
40.76.174.66
45.133.44.3
45.133.44.36
46.249.52.249
46.4.121.26
51.38.120.206
51.89.42.88
52.142.114.2
54.37.238.28
54.38.197.123
96.46.186.57
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663
04beacc279624ccef5244d9419e8733b4b3e44357844d7bf4a0cb58c795e5f7e
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65
0b016144dd49628a11a5593d42bd4e909e6151a940fb035474dcac20557e1a90
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703
1513d4318a1dd86dc18b04a7c79d4881f71be210132625d7dbff1ebad0ea5b5c
1532bcc72c38d2a840ec42e83b35d53515146a8401f7424bcc666c982cefe93e
1548772caa46793e03847e6238ecb26258270f399d6103f80ad3d14ebf266d03
155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f
17c04cf3cf749a7a7ba318bac9fc00761437f300c6ebbb51c04592f594519c08
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
26b24e45de221324896ebf42fc5982d8387c8672aace4eee6ac923b21fb2cac7
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
2cec75957c7622402fd8427afd02bd2249b749678a35f052774fbee3842795a5
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3125c1ea83824995865371165e5021548dab498db363ada63d5b174d09c990d8
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20
353a5e4a7611107a43e8489d208bbb4866ffa68d95da0928af78a3dd7cf1bf93
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044
38226ef4c4f4558c9b3f34d86b4325786d4d27ab4ac9d95616e628ab0e52521d
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ad75e03b778cdde0407c388fd4606a531c03d8a7115ba26c36ddfaa0b80a2c5
4bb408a78beb4f02b5289339069a7d8ea6353d26834b5e0259509c8f8d8d75f9
4fdb2789e08860f01c985cc2d7d6133bcb5820c437bf76f5a82e88b121479b86
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
52594576579dee9defc0f23f35b99dc85f670032a4eb011486033b4da95841cf
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24
57b96a2c6ebb815ad47defc14076c1edf72ff3dc1b50e04911c0458630d8ccaf
59b6c9f2c6971abbcad2e331ab235df6fd62693258bad4c25d5b5396c6c7cd9f
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
612999f15d4c68749d64849c8fde74ed475f57a9696bb8de13a537af5c7b3527
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3
65433b0e22ec641f96ad08e8d70ceec34168321e0994762914d110ce913718f7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672ace95a9ff08fd4323923191fafd7b76c9ede3ae21cc62724afb4dff985b24
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc87dfab52f0ec81f96fc75f58e5d357898701e94fde529c10de11db7625ef7
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
71490518b000d62ca2e2d64cce8707a7fb90776da874eb02eed12e40f3350cc3
73bf56ea6f8351f43256926aca4e9fde6c2b6611d2d0a2e8b502333e9675529f
74629f7d3f6367a7fcec7e541f25fbec57fba2552fa7d41ed7f6b7af9e0849e3
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76554d6b4c1fab49466d2fcbb7b3a5c9186964de360b2cac5be97f307ce4aa18
773ebb63199b0a3f8eb61439688b29b50516a745d17cb9227ba6b6afa36cdca7
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
791e612349aed62a9516d58dd78dd4b6d4ff989934bc99075adb9c10287da2ee
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603
7a5314559b244ee1d149577a0cd38e949afd8c05891ac9ff066c05916ce7699f
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95
7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1
7f5f2e26f64f54c9515ff82a2b3958ac46c438ebb3f53459a5fcb89cd03d49b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bd644fe7df3d8a25c96f0390d85fcbbe612c1a5c9d12165b3bdf6991ec47a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8abec3cbedab47bb75f8d39609d43909430614b0988625729409118f3ba6e6b8
8ce00474eccffb0b1082392a553aebc5279bafc53137b9affe3be3a507e7197c
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
8ff010926c781963aa59329983e6b4a7d4108151db014b34539fdc7e95434b44
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93bbf507c6856f0455811573b7fe0161419e7691d52ccc1759eb89177b184061
972488e1cac62fa8e5f2fbdd3714a2fbdfee7a5f8a817331be2ba3a95e4bb0f4
973d6e263b708df291263bd059652e4716d9ad4bf51da9a87f26c3e4a5d7e4a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7667843315003196c81adfcd081e8b7bcc59babfff2b503e00cf0bf4f9629d
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab57099a74901db82b48617000c501bfcbad9d03dc660be639b3fb124ae374f2
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50
b27bc4768c4299babb24e9953b06abb109dd75b5ee23d8aec2ae96d821363aa7
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b530fdd5766c37515bb33566d4674ae5c5567ed8973d48fd366004c5c212dc70
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870
baaffe9baa5494d0e6b005406165365e99725133e7a1ea1d0292f57dc5be3179
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bf0d8eaae1c5d97a327ea3bb90659b207bf15d403249634b604181fd82ecc427
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30
c0117e5b51a0f56d9da8a8677faa0cef607b306784f3334e9a4e003f3171a076
c1a812779f6809a6d1ae9a59824d3c629ac28da52b79b7c5d2a8494ca73e6313
c47d7a35c17ba5d48070458f909e0da78f86f76ae8a6039a0ebdc4c22318b6eb
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0
c8c9282bac0c52f3cb2d49215efe8727bb99da2e83220c8c7d40ddac223a39f3
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9fd8cf5de47bf7b6f2160006e2a30f43a2a6437ff93444e6ca9c732f544a6ff
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951
cbcf722da0e822fa4b7af6e0f9f5abd5b5027c8a7ce366fee906eb84a6ec8bfb
cc200db20b472f3fbff4925ed24a4bc198ba443ae2be35db1b15d69bde5a400f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cc38116e095a9f6be2ae98a439d78dae4ce2b3022905e8de4efb68b8276a97
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0
d743cdeee5728b718b26ceffe8d06a4c8ff466355472b8596d087d53faca9476
da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414
dbc5a24f3b39d3bcf13a725f7b352f8ecc7f23672ff9b4832d2dbf4976bf04b2
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e09d7953d3c71ea19fce955fe5303047363350fb29f62d247a4fb2537dbc941d
e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514
e22f124c889c38ab588d30d0c68d32a4c65cb8e0bddaa81ce011e7c53ac411bd
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e36f39713469bd849c4e48f1b99cf3070003cd0613e5cfce4900c082427bf770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bc4e2d593bea6f6640df74d4c2be4a6a8a74047c0cfb437f1eb97fe7f48afc
e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b
e9b0da92167e3cff47f3d8c3747f1a34ce548757dadd75139a8aecd7ebc7a408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
ef7915cf753934066d9f4218ee3eb174d1942572fd93443425e7ac952cba3d34
f01c0bb056018ce4ff8b87be39cfe730a10f4988667a0d3e559c145e493a8f83
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e
f820412f4f7f54413ebc4709e5cf4794d068d45004692771fb7b8823cc117a3c
f8853600f75988f9c7eadff8c841791ed037d018027ab20bf39ff4aa5bafcd97
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167