1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1plus1.ua/
Effective URL:
https://1plus1.ua/
Submission: On December 02 via api (December 2nd 2022, 12:25:12 am UTC) from GB — Scanned from GB

Summary HTTP 399 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 100 IPs in 15 countries across 88 domains to perform 399 HTTP transactions. The main IP is 195.137.240.80, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 933362.
TLS certificate: Issued by R3 on November 12th 2022. Valid for: 3 months.

This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.137.240.100 195.137.240.100	29389 (ASN-UNIAN) (ASN-UNIAN)
9	195.137.240.80 195.137.240.80	29389 (ASN-UNIAN) (ASN-UNIAN)
20	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
14	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
42	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
16	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
1 8	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
4	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	80.77.87.163 80.77.87.163	() ()
2 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
2 3	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.67.137.15 172.67.137.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
8	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
6 23	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6 8	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
5 5	3.67.122.202 3.67.122.202	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
15	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f601:611c:90e2:c181:1fe2	14618 (AMAZON-AES) (AMAZON-AES)
2 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:f5c1:a58:c5c6:d8ee	16509 (AMAZON-02) (AMAZON-02)
2 2	3.248.125.109 3.248.125.109	16509 (AMAZON-02) (AMAZON-02)
2 3	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
2	52.49.181.242 52.49.181.242	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	54.154.7.193 54.154.7.193	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.209.49.216 52.209.49.216	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
1 1	52.1.76.118 52.1.76.118	14618 (AMAZON-AES) (AMAZON-AES)
4 7	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	23.3.108.242 23.3.108.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.253.40.180 34.253.40.180	16509 (AMAZON-02) (AMAZON-02)
3 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
16	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	44.194.228.115 44.194.228.115	14618 (AMAZON-AES) (AMAZON-AES)
5 5	52.30.188.40 52.30.188.40	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	5.161.54.172 5.161.54.172	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	141.95.171.139 141.95.171.139	16276 (OVH) (OVH)
1 1	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
1	72.251.241.206 72.251.241.206	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:2eda:8ed6:2a73:2027	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	159.65.194.197 159.65.194.197	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	198.47.127.20 198.47.127.20	() ()
399	100

1 195.137.240.100 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.137.240.80 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (None, )

ASN- ()

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.15 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.29 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.67.122.202 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-122-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.206.240 (Singapore) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f601:611c:90e2:c181:1fe2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:f5c1:a58:c5c6:d8ee (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.125.109 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-125-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Tuttlingen, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.110 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.7.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-7-193.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.49.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-49-216.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.76.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-76-118.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.95.125.22 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.108.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-242.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.40.180 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-40-180.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.228.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.188.40 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.139 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.77 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:2eda:8ed6:2a73:2027 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.194.197 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	1plus1.ua 1 redirects 1plus1.ua — Cisco Umbrella Rank: 933362 images.1plus1.ua assay.1plus1.ua	2 MB
36	1plus1.video 1plus1.video — Cisco Umbrella Rank: 253476 api.1plus1.video — Cisco Umbrella Rank: 301418 images.1plus1.video — Cisco Umbrella Rank: 759904	1 MB
33	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 194	214 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	336 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 626 pix.eu.criteo.net — Cisco Umbrella Rank: 7558 csm.eu.criteo.net — Cisco Umbrella Rank: 7664	269 KB
27	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 479 ads.pubmatic.com — Cisco Umbrella Rank: 474 image6.pubmatic.com — Cisco Umbrella Rank: 658 simage2.pubmatic.com — Cisco Umbrella Rank: 611 image2.pubmatic.com — Cisco Umbrella Rank: 815 image4.pubmatic.com — Cisco Umbrella Rank: 843 simage4.pubmatic.com	46 KB
19	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 473 eus.rubiconproject.com — Cisco Umbrella Rank: 558 pixel.rubiconproject.com — Cisco Umbrella Rank: 292 token.rubiconproject.com — Cisco Umbrella Rank: 540	24 KB
16	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11639 ads.eu.criteo.com — Cisco Umbrella Rank: 7505 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9402 gum.criteo.com — Cisco Umbrella Rank: 384 mug.criteo.com — Cisco Umbrella Rank: 2665 dis.criteo.com — Cisco Umbrella Rank: 628	101 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	789 KB
15	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2662 mwzeom.zeotap.com — Cisco Umbrella Rank: 2291	4 KB
12	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6255 ghb.adtelligent.com — Cisco Umbrella Rank: 5787 sync.adtelligent.com — Cisco Umbrella Rank: 3965 ghb1.adtelligent.com — Cisco Umbrella Rank: 7211 ghb2.adtelligent.com — Cisco Umbrella Rank: 9480	149 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	4 KB
10	amazon-adsystem.com 6 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 874 s.amazon-adsystem.com — Cisco Umbrella Rank: 270	7 KB
10	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 66190 ls.hit.gemius.pl — Cisco Umbrella Rank: 12532	47 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 437	351 KB
8	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 307	2 KB
8	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 596 dmp.adform.net — Cisco Umbrella Rank: 3654	4 KB
6	yahoo.com 5 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 804 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 434	3 KB
6	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 24650 eu-u.openx.net — Cisco Umbrella Rank: 1820 us-u.openx.net — Cisco Umbrella Rank: 399	2 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 482	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	59 KB
5	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 41283 inv-nets.admixer.net — Cisco Umbrella Rank: 2589	85 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	237 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 402	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 204 secure.adnxs.com — Cisco Umbrella Rank: 407	3 KB
4	smartadserver.com 3 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 846 sync.smartadserver.com — Cisco Umbrella Rank: 1379 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 539	2 KB
4	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5290 www.google.co.uk — Cisco Umbrella Rank: 3337	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 182	170 KB
4	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 104619	4 KB
4	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 306057 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 302484	20 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13034 pixel.onaudience.com — Cisco Umbrella Rank: 2615	2 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 536 usermatch.krxd.net — Cisco Umbrella Rank: 1240	942 B
3	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 7284 loada.exelator.com — Cisco Umbrella Rank: 26010	2 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 442	2 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 749	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547	1 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	2 KB
3	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 333	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 638 script.hotjar.com — Cisco Umbrella Rank: 778 vars.hotjar.com — Cisco Umbrella Rank: 823	72 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4891	746 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 502	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 763 s.tribalfusion.com — Cisco Umbrella Rank: 1855	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4413	562 B
2	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 853 sync.crwdcntrl.net — Cisco Umbrella Rank: 706	530 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25183	680 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1387	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 190	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1331	751 B
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 629	986 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 447	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	10 KB
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1689	293 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 739	356 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7217	2 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9294	509 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	89 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 355	706 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3013	463 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1800	555 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 707	518 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 581	191 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2384	104 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1211	283 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 15990	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 4906
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 4665	277 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 738	245 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	552 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 668	621 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 44770	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 475	145 B
1	widespace.com engine.widespace.com — Cisco Umbrella Rank: 64557	208 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1809	359 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 873	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 423	527 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 9905	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 645	165 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1173	396 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	17 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6224	172 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 889	270 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3596	525 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 36829	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	admanmedia.com cs.admanmedia.com	189 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 859	696 B
399	88

	Domain	Requested by
42	images.1plus1.ua	1plus1.ua
23	cm.g.doubleclick.net	6 redirects 1plus1.ua f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com eu-u.openx.net spl.zeotap.com
18	static.criteo.net	ads.eu.criteo.com player.adtelligent.com static.criteo.net
16	images.1plus1.video	1plus1.ua
14	mwzeom.zeotap.com	spl.zeotap.com
14	tpc.googlesyndication.com	1plus1.ua f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	1plus1.ua pagead2.googlesyndication.com f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
12	api.1plus1.video	1plus1.ua api.1plus1.video 1plus1.video client imasdk.googleapis.com
11	simage2.pubmatic.com	ads.pubmatic.com
10	fonts.gstatic.com	fonts.googleapis.com
10	1plus1.ua	1 redirects 1plus1.ua
8	match.adsrvr.org	f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com eu-u.openx.net spl.zeotap.com ads.pubmatic.com 1plus1.ua
8	fastlane.rubiconproject.com	player.adtelligent.com
8	gaua.hit.gemius.pl	1 redirects 1plus1.ua gaua.hit.gemius.pl 1plus1.video
8	1plus1.video	1plus1.ua 1plus1.video
7	aax-eu.amazon-adsystem.com	4 redirects spl.zeotap.com ads.pubmatic.com 1plus1.ua
7	c1.adform.net	6 redirects ads.pubmatic.com
7	fonts.googleapis.com	api.1plus1.video f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com 1plus1.ua cdnjs.cloudflare.com
7	www.google.com	api.1plus1.video 1plus1.ua f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 1plus1.ua
6	pix.eu.criteo.net	ads.eu.criteo.com
6	www.gstatic.com	www.google.com 1plus1.ua f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
5	match.prod.bidr.io	5 redirects
5	image2.pubmatic.com	ads.pubmatic.com
5	pixel.rubiconproject.com	3 redirects 1plus1.ua
5	x.bidswitch.net	5 redirects
5	ghb.adtelligent.com	player.adtelligent.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	1plus1.ua 1plus1.video
4	token.rubiconproject.com	4 redirects
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	gum.criteo.com	2 redirects static.criteo.net
4	f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	www.googletagservices.com	1plus1.ua f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
4	pa.tns-ua.com	1plus1.ua source.mmi.bemobile.ua pa.tns-ua.com
4	cdn.admixer.net	1plus1.ua cdn.admixer.net
4	player.adtelligent.com	1plus1.ua player.adtelligent.com
3	s.amazon-adsystem.com	2 redirects 1plus1.ua
3	ups.analytics.yahoo.com	3 redirects
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	ib.adnxs.com	2 redirects spl.zeotap.com
3	sync.mathtag.com	3 redirects
3	eu-u.openx.net	player.adtelligent.com eu-u.openx.net
3	ads.pubmatic.com	player.adtelligent.com ads.pubmatic.com
3	mug.criteo.com	1plus1.ua
3	csm.eu.criteo.net	ads.eu.criteo.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	sync-tm.everesttech.net	3 redirects
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	ap.lijit.com	2 redirects 1plus1.ua
3	eb2.3lift.com	2 redirects player.adtelligent.com
3	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	pool.admedo.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	sync.smartadserver.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	us-u.openx.net	eu-u.openx.net
2	cms.quantserve.com	2 redirects
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	id5-sync.com	player.adtelligent.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	tr.blismedia.com	f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
2	ads.eu.criteo.com	f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
2	rtb.nl.eu.criteo.com	1plus1.ua
2	ssum-sec.casalemedia.com	2 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	onetag-sys.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects 1plus1.ua
2	bidder.criteo.com	player.adtelligent.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	a4p.adpartner.pro	1 redirects player.adtelligent.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	1plus1.ua connect.facebook.net
2	assay.1plus1.ua	1plus1.ua
1	simage4.pubmatic.com	ads.pubmatic.com
1	px.ads.linkedin.com	1plus1.ua
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	pixel-eu.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	csync.loopme.me	1 redirects
1	bh.contextweb.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	spl.zeotap.com
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	lb.eu-1-id5-sync.com	player.adtelligent.com
1	spl.zeotap.com	player.adtelligent.com
1	ssbsync.smartadserver.com	f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	ghb2.adtelligent.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	prebid.a-mo.net	player.adtelligent.com
1	hb-api.omnitagjs.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	ads.adnuntius.delivery	player.adtelligent.com
1	www.google.co.uk	1plus1.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	1plus1.ua
1	sync.adtelligent.com	1plus1.ua
1	cs.admanmedia.com	player.adtelligent.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	source.mmi.bemobile.ua	1plus1.ua
1	static.hotjar.com	1plus1.ua
399	142

This site contains links to these domains. Also see Links.

Domain
1plus1.video
www.facebook.com
t.me
instagram.com
poshuk.1plus1.ua
dovgadoba.1plus1.ua
images.1plus1.ua
tsn.ua
plus-plus.tv
2plus2.ua
tet.tv
1plus1.international
bigudi.tv
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital

Subject Issuer	Validity	Valid
1plus1.ua R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2022-07-13` - `2023-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
images.1plus1.ua R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
player.adtelligent.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
assay.1plus1.ua R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
adpartner.pro R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
widespace.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.iprom.net R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://1plus1.ua/
Frame ID: 6B056713CF85326C5169094F07A9027B
Requests: 156 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Frame ID: 2C8F23C2ED30CC48B4F3669274493C53
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 1E198F9297002089942C25604DCCE663
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 1F6914A5E117BA6AFD475B706E23BC43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7632246187727089&output=html&adk=1812271804&adf=3025194257&lmt=1669940705&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669940704850&bpp=3&bdt=599&idt=175&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8386076655232&frm=20&pv=2&ga_vid=717394687.1669940705&ga_sid=1669940705&ga_hid=145733559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531705%2C44774652%2C44777506%2C44770881%2C31065825&oid=2&pvsid=819107935438855&tmod=1266487736&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 86C118290AA1C639719F9F3892817D87
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: D9855A6A53F3D96C6E386E6222A3126F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 05FEE90A48124926E14534969806416F
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: AEE384E5F32709B52E7329D812095612
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 180E9E28A938FC891CBAC22F729EE299
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: BC09FD1A47F312C7797855B2050D5847
Requests: 1 HTTP requests in this frame

Frame: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2851E4B15B571E60A8887DEDE4FA9C1B
Requests: 1 HTTP requests in this frame

Frame: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD92B85A734B59062E9FA9CDD072A448
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: DC51220CB9E4267904D90604E9DC0FD0
Requests: 8 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: F62B0FCB9692D4110CCCFA722E5D3C6A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.547.0_uk.html
Frame ID: A54BA0DAA5B99DFECF5F7979349AE7C7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07AB003FD43E6D51C9D6B378E3DABD3D
Requests: 9 HTTP requests in this frame

Frame: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E3515C3EBEF922F82B5F4CFEF6A9BB4
Requests: 8 HTTP requests in this frame

Frame: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F91B175CC2EE53F0E3B39462B9BF5B99
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 60AE21C45607C346244809604DA9B828
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIax0K4BixAAXgYs15agP7qUE_69C7Xg&u=%7CWhVuv7W5oSbJabk%2F3mdjCh8NMVCxNexhcK%2FxnivcquQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JgnSdNFhPFcrg-GnYlgAksr9Bl35yWIwaHVw2wy5KNDUZlHy1c5rivEMaBEMOdBuzcOAP3GWmuKprte1l2nkz9ynUu_bvjFx4tJcE_DfVh5_DeMe7AZg4GYRlhTX29QYpcum5QVjAizyMDhTfbsvcRHNVwj9XPpIppx4QBow1cCn0cGe2kJ21v-nYZQK7bYVbmjWx10fiIXnsQ5OkR6AlPKK40j6Zu0m25GtnvHwVletuuS62OALgpMrCVjXWfio9jWNBuWlCyU3N0cJaxV9XtgiMbFM5xQRbcdW0E1HEhEhqhd9Y3_C6q0Zi8jh_UaRC28Gq3WF6hmNvif0HjGPU2qZy3nNLJW1Pz6kX4XyXGCJWW49u_ZVFETbRdYEikxSBluSstDz0ZNNUhZ-m3DQjqhdxXsqkxD7qdzeQsn3Ep1XDoUvdrIuhG3eqRkZkoNRVVq-dfCxSf9VQRFdAgsd4Uf4F6AlYDlY2C5mpFrWZjmcspOE99U-QNuryhZxz5g77woGutTB69fdqJq25UbNJhSgRDIUE41BZ8OuLAcUYQgb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeeua4kWJY53WIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgTsAU_QBTCudInmgJ2G7p9h-qcvISh8d1NUpl-Z-YE4EGgAzFyilQEvmZMvTd3xbUoWsltiDR4Ebstf0yvzgMT1d6wrbNGImguprhe1MOyU-sIvq3z_5rkivSThagNxRyOKIF5KitXyHfvcLEk0iGgOj7cPqUuxqv_OdINcLcL0zDA8pDOdFP51PWK74BN-EDtt8i0ubAlvXWm-aBFOPUGziveoEaWmfbzD8AmwgMI2JL0H6p954gobE66eSg9FO0O4OlvQpfJpSZG5lM2_d_IpoNcn2nBS60srmTKTLodwC4s0oK5n6bDZZtssirDS4AQBgAbNusrh_py5zEGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ycWUc7hOyfPZtOhVsLi6hlcTCrw%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: CA6ADA4070404C87F4815EDDD2860484
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A102CFD2BC3E51B3597D56BDED681A6
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIaxwK4BixAAXgYnsqO8ayJvrYHmbKVA&u=%7CWhVuv7W5oSZFomS0aAAZSLJ7WZhJy8bmaCHi%2F%2F9bAfM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JmvL_GiJ0vDQDXpQzBIMlesBNwmAvmetDHn45adG7WJmjsQQLlc7iL_fyY2TR0aqXu5qPnJeHTS4Ls_IyqDvodqzUcE_ua-0jhP4hWw-60KUxj-KoInCDOn4EIqbnKgFfF019TzHbMxqbabp6giictUAFrE92CDlh4-jvol52BQcUFXSZ2nF5gemI466Kk_LE7s8i8FJGgyzt6VitH3CC_abxJiz_CaOI3uBZLO6n145-yKQFZdqFAbt4BIh09T5L7t_oA1U23Lu53ofDD9rL5QqDEsNU7vUMs044tr8k_Ho8eDYlwn_5qqPpPd3xt3MzrVeWo7C6dRtBGvvKdCfeK5ntmAovJR-Jsiyu286koYzDtVUzKIeXRjHYGOcDGB6QQHPaNePq61zK0HXPVwtexG7vy-F841tB0YlpBsqCoL4_D56RU-6-V2iMK6k6GllzH_GymiYdc0sUmDRPXhQXtLhpCRvgYEaebyuNtLdHij2yWXknaqepT3nkJ3jCTqRd5e8_8gw4pipq4UOiEp463avConrmBc05jpikEZ5_vLF&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ9E24kWJY5zWIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgToAU_QKKtDI32Fs6FgybG7GpRb47JtblZLEI9mX2tuHZwGCdItM15DYMmX2pTuTE0OAkQkak1yKkEwUt-Uw-tvTBWRB8TTsicp6Gf2O6s9m8I4rwFPwmRxmeZT_WYRC7Mw8gCG1mpIu7EyAb2kCHapL-uKyAdfQ5GZudUk9uus-sgRvxfo0zfqZKSHeaYcMZ2aYgrCMqi5QDT3eN_QPUtBX9DKVC3MLZEWuacauSOawC_uNY9v9DiYExjt12sW9vQsMJvHFF4PdYNY9GMCUuiexzo2H_r2khA33Wb0r5oDtA8hU3lkxYOmEDPgBAGABs26yuH-nLnMQaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VKSdeuFataJYQRPBlmLF59aSwDw%26client%3Dca-pub-9138247653754533%26adurl%3D
Frame ID: F7104FEDE511C9E0522E7229274E736E
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 729BCC2CC073404EB0FBA62F81CBF56C
Requests: 6 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: DBE81D0B93CEBB883CB33C358C620844
Requests: 31 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: B5EF4D93D29F7E34363647BA8641A08A
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 3ADB18A5433B3D80404385424818F329
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669940706186&gdpr=0
Frame ID: AA58D3A6E5CD3E877F823EF3727AB4CE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 6E8E07AAA0EFEC31DD677D95DCE9BADF
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: DBD71E3025B69488160F0D7A3C27CB30
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A023427D-3228-4944-A5FB-0AC132CF716F&gdpr=0&gdpr_consent=
Frame ID: 2667C250E98D69D2EB2BCB2A71B97945
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&gdpr=0&gdpr_consent=
Frame ID: C5B950D18CE657F6AAF38B1D4B6D577F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8061416846806079050
Frame ID: 8BD4937F367419F44A9B4BD178A6C3BA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0B2CB98E6C04A18856580F4AA7BEA6F2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 9DDA465CE7D1BC90122B89FF90A89C06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4315024596449037830&gdpr=0&gdpr_consent=
Frame ID: 0A487154F018E85806DFFD022BAE6A89
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw
Frame ID: 510AEE5E52694CE57A3AC476E87EBBC3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172340731432269973&gdpr=0&gdpr_consent=
Frame ID: E27EC92585E7A0C4D2838C1E5E483CC8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YgfOmiPyT-NRJ6UO_zX2ftmKxGo
Frame ID: 688AB28A308AC5B1EDD2329885E0CEE5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD12k7HEowAACDKqJTlkw&gdpr=0&gdpr_consent=
Frame ID: 4431494ACDC8923BC5C6DAB546D0206F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4lF4wAAAI5sjQAF&gdpr=0&gdpr_consent=
Frame ID: 331D3EC71B63A8D80E4FE9C85023CA1A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 35057CCE84C99B6363D3B0A70D8B18AD
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 770A3353EC332949B97EC5B927636828
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D78FDCE44098569DAEFB6285CBD1F2FB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7740149536
Frame ID: BEC87A5C5F5C8A7F181D7127DD44E1E6
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B6455A016C8AA85F417B43326A49471F
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabXnSRYSVggjYRQb
Frame ID: 303967F9F7337DA837DE71A95802D287
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F12C469B613D158BA7C900371D727EA1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua
Frame ID: 82372B8A7CCFDBF30E8E5376BC66C9EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 237518F26DE41BB9CFF4312138677ADB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91402851F6AC75B21B868FF08BAF74A0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

399
Requests

86 %
HTTPS

31 %
IPv6

88
Domains

142
Subdomains

100
IPs

15
Countries

6830 kB
Transfer

13396 kB
Size

129
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1plus1.ua/

Search URL Search Domain Scan URL

URL: https://t.me/OnePlusOneChannel

Search URL Search Domain Scan URL

URL: https://instagram.com/1plus1_ua?utm_medium=copy_link

Search URL Search Domain Scan URL

URL: https://poshuk.1plus1.ua/
Title: Знайти своїх

Search URL Search Domain Scan URL

URL: https://dovgadoba.1plus1.ua/
Title: Довга доба

Search URL Search Domain Scan URL

URL: https://1plus1.video/tancy-so-zvezdami/
Title: Всі відео

Search URL Search Domain Scan URL

URL: https://1plus1.video/golos-strany/12-sezon
Title: Інеса Грицаєнко — "Чи разом" — Фінал — Голос країни 12 сезон 12 сезон 12 випуск

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4.jpg?v=1645557776

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561.jpg?v=1661864391

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/449/3b2dafe0170389d730ee64edf0bc44c0.png?v=1661864454

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/413/8fbf1d1fdc445434595ab6c4eb997491.jpg?v=1661864350

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/079/431/2cb1a102d69eac6570896b3c56145979.jpg?v=1661864431

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b.jpg?v=1645529997

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/084/672/28171d2034538ff08ebe1197f24baf19.jpg?v=1661866087

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399.jpg?v=1645530090

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/001/084/663/efc721c85ede23339e4a80e809a772a9.jpg?v=1661866127

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a.jpg?v=1645530060

Search URL Search Domain Scan URL

URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: https://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://2plus2.ua/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://bigudi.tv/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/1plus1
Title: ПРО КАНАЛ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: РЕКЛАМА

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: ПРОБЛЕМИ З ПРИЙОМОМ КАНАЛУ 1+1

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: КАР’ЄРА

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2d171c45-91fe-48a7-a35a-c56388b8b76f

Request Chain 113

https://gaua.hit.gemius.pl/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=sv13PBuAGrQf9UmyzcK3vQj6bMfjcE.z_ASsHJ6enz7.Q7EZJMbS2vNMvTuud4tvnVFxEIwiazq_PbY0gdlk5RdMSZbp/vLei3B.yRoGp6/&fpdata=-TURNEDOFF&ltime=490&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638945e10d1ea5d2 HTTP 301
https://gaua.hit.gemius.pl/__/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=sv13PBuAGrQf9UmyzcK3vQj6bMfjcE.z_ASsHJ6enz7.Q7EZJMbS2vNMvTuud4tvnVFxEIwiazq_PbY0gdlk5RdMSZbp/vLei3B.yRoGp6/&fpdata=-TURNEDOFF&ltime=490&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638945e10d1ea5d2

Request Chain 138

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=21d9fa2c-cc25-4160-ad0d-9f6828ed618a HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=21d9fa2c-cc25-4160-ad0d-9f6828ed618a

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP9wiIN8UI1qJW8oJIXvt-o&google_cver=1&google_push=ASkJ3FZxh4oJIe9d06CDKpw0XAL8vm2WVTSIsWnJ8M6fwGSZ62fEKlcedVDHo6vgMIYJ-Ef3_o2yRLO-RcELC1zeDksa_uX4wOeG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9wiIN8UI1qJW8oJIXvt-o&google_push=ASkJ3FZxh4oJIe9d06CDKpw0XAL8vm2WVTSIsWnJ8M6fwGSZ62fEKlcedVDHo6vgMIYJ-Ef3_o2yRLO-RcELC1zeDksa_uX4wOeG

Request Chain 200

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_WFi25pMLgnNguSj6AKuR6 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_WFi25pMLgnNguSj6AKuR6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg0NzA2MTUwMjY0ODU1NzU2NQ&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_WFi25pMLgnNguSj6AKuR6

Request Chain 201

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_cver=1&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5LgfU-lESykLlC2Ydcu_5oetsG8N5JbkhBBv0MKWtBLDh9DYnieA-seC3Fxr3DBqU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5LgfU-lESykLlC2Ydcu_5oetsG8N5JbkhBBv0MKWtBLDh9DYnieA-seC3Fxr3DBqU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_hm=Y4lF4xJtJ9apRJP1LwFWoAAAAsYAAAIB&google_nid=index&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5LgfU-lESykLlC2Ydcu_5oetsG8N5JbkhBBv0MKWtBLDh9DYnieA-seC3Fxr3DBqU

Request Chain 202

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlFEhgg9ZeVPHlmWrXzF1k&google_cver=1&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlFEhgg9ZeVPHlmWrXzF1k&google_cver=1&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58&google_hm=FvvZrGZHlGY41ZlVQxa737fP

Request Chain 203

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIhC_tQWymli7pG07vEbwLo&google_cver=1&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5&google_gid=CAESEIhC_tQWymli7pG07vEbwLo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgyMTg1Nzk1MTMxOTcyNDYxNDA2&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5

Request Chain 205

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECmgWJjwoErYkY3xoc429os&google_cver=1&google_push=ASkJ3FYUQYFBFPvEnR1tHhuzpJu3xyH25oSD0PSJQ-GTjy9XrSIDbFiq7SoeHVKuDoqcJr6HnJe2Y04NjNNI3-fCTLaahgvF4vkYMA HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECmgWJjwoErYkY3xoc429os&google_cver=1&google_push=ASkJ3FYUQYFBFPvEnR1tHhuzpJu3xyH25oSD0PSJQ-GTjy9XrSIDbFiq7SoeHVKuDoqcJr6HnJe2Y04NjNNI3-fCTLaahgvF4vkYMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=82ef57d0-280c-47d2-bf64-69bb409e1ca1&%%GOOGLE_PUSH_PAIR%%

Request Chain 225

https://um.simpli.fi/gp_match?google_gid=CAESEIhlS_DDPsG5Nnn7PC4uEXs&google_cver=1&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEiKHbKS2C5e56aR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9A96254A26467AB7FCE4D8D767D741&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEiKHbKS2C5e56aR

Request Chain 228

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcijEo4lXmHYblZPLJ1POvi4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM0NzM3NTYzMDQ2ODM2NTk4OQ&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcijEo4lXmHYblZPLJ1POvi4g

Request Chain 235

https://um.simpli.fi/gp_match?google_gid=CAESEIhlS_DDPsG5Nnn7PC4uEXs&google_cver=1&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8NvgKTaTNLtfyuLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=399D6E80F9B949FBB4C6CFFB23B25D71&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8NvgKTaTNLtfyuLg

Request Chain 238

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibeZ79fxRyi8cHNiDDkrmiqYnbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3MzA5NjA4NjY4NjM3MDMxOQ&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibeZ79fxRyi8cHNiDDkrmiqYnbA

Request Chain 282

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=1EPauXxxa3BJR05FKzBPRnFxVEJ6ZjE3YkpzWURGUXZRUm9TdFdQd3RYc01RUzlUOVQweldlMHJQMTJXdkFuZW1uVUlweFpJaHlubzJiQnlsUGhmV2k3c1p6NEVTZG1iWFY3dVIwR3lKS1RCU1grdzR0Rnl5bmJoa3c5ODJsOVVyMEQvSldPN091MGhCaFhXYW9MWjVMYk14SlRld2p1ZVd5L3M4Rm1yRXh4YmZuTTY3dXVuTWZoYlhhQktiNDNFcC9xem4wOGRsMHNqZzQ0dTkxcEh5ZFlzZHJDWGdjL3phUk9pdnd6emFtMVVmakhBPXw&cppv=2

Request Chain 290

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c29d6389-45e6-4c00-87bf-4c95e804e09b

Request Chain 291

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5OIlLubkeCL_syku4OcwLuayfCT_6C1z5ueCn9qv

Request Chain 292

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4273096086686370319

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdLZhyO71LVKkY9cxibZvk&google_cver=1

Request Chain 299

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=cf467396-d9c1-44b2-abe4-93e2ddf3b92d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 304

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361&rdf=1 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A023427D-3228-4944-A5FB-0AC132CF716F&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 305

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7ca7f275-5f2c-4967-ae67-c8da5b9edf1d&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 306

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=84777943709590018511959855765117311712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 308

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7172340731431090325&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 309

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608

Request Chain 310

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4afbfe1a-6e19-44c7-6553-04cd5581b608&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4afbfe1a-6e19-44c7-6553-04cd5581b608&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361&bounce=1&random=73126985 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=0XwpFPu6rJENCXGvrHUA0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 311

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 313

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-NMxkK_JE2oqPWl3jygP2R.5wZlm6tb5evQ--~A&zpartnerid=570&env=mWeb

Request Chain 314

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAstvR8ybr1dgTZCfYTih72yK%2BS41iYitP1U%3D

Request Chain 318

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4lF4wAAAI5sjQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 320

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 321

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361&dcc=t

Request Chain 323

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 324

https://pixel.rubiconproject.com/token?pid=41544&puid=4afbfe1a-6e19-44c7-6553-04cd5581b608&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LB5RKVJ8-23-44X2&env=mWeb&zpartnerid=1770&gdpr=0

Request Chain 325

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=82ef57d0-280c-47d2-bf64-69bb409e1ca1&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Request Chain 332

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&gdpr=0&gdpr_consent=

Request Chain 333

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8061416846806079050

Request Chain 335

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 336

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4315024596449037830&gdpr=0&gdpr_consent=

Request Chain 337

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw

Request Chain 338

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172340731432269973&gdpr=0&gdpr_consent=

Request Chain 339

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YgfOmiPyT-NRJ6UO_zX2ftmKxGo

Request Chain 340

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMTJrN0hFb3dBQUNES3FKVGxrdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD12k7HEowAACDKqJTlkw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5231574121756514718&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD12k7HEowAACDKqJTlkw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5231574121756514718%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5231574121756514718&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAD12k7HEowAACDKqJTlkw&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD12k7HEowAACDKqJTlkw&gdpr=0&gdpr_consent=

Request Chain 341

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4lF4wAAAI5sjQAF&gdpr=0&gdpr_consent=

Request Chain 342

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

Request Chain 343

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 345

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669940709907 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7740149536

Request Chain 347

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabXnSRYSVggjYRQb

Request Chain 349

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oCNCfTIoSUSl-wrBMs9xbw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 350

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ea826389-45e6-4100-b681-37312860ea11

Request Chain 351

https://pixel.onaudience.com/?partner=214&mapped=A023427D-3228-4944-A5FB-0AC132CF716F&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6c9d3a7c43f9ca98ed044a4d899aeb16&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 352

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAyMzQyN0QtMzIyOC00OTQ0LUE1RkItMEFDMTMyQ0Y3MTZG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELl4IgrQ1Lt1qm36sC_nB1g&google_cver=1

Request Chain 355

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4273096086686370319

Request Chain 357

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=82ef57d0-280c-47d2-bf64-69bb409e1ca1 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=82ef57d0-280c-47d2-bf64-69bb409e1ca1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3ebe5a5f-d8a1-43e7-b6ec-5c3049378157&user_group=1&ssp=pubmatic&bsw_param=82ef57d0-280c-47d2-bf64-69bb409e1ca1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ef57d0-280c-47d2-bf64-69bb409e1ca1&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 359

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v.Tx1JxE2uXckjPFGJuRmiGWNXaE.uA-~A&gdpr=0&gdpr_consent=

Request Chain 362

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8454689773244634111&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 363

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a5a6b47-db12-4cf3-b25f-ba3287173543&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 364

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4315024596449037830

Request Chain 365

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MsdSBcd-Rpu93j7A0cNRQA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MsdSBcd-Rpu93j7A0cNRQA&gdpr=0

Request Chain 366

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5RKVJ8-23-44X2&gdpr=0

Request Chain 367

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/x_hhYKvWeTY-ekrJ4JQBIsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2P.WH2JE2oLmjvzD07pHk22HYLr2VnUfLwYHoA--~A

Request Chain 369

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7eCifYytj57MUmU3mWKg8&google_cver=1

Request Chain 370

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA0M2Q2YzdlNzZmY2NlZjI5YjIzYzUwMmI0M2VkNWY3NzFhNDY2NQ&gdpr=0

Request Chain 371

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1UktWSjgtMjMtNDRYMg==&gdpr=0

Request Chain 372

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jfy_RALWSpCdFVtyv81GNg&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jfy_RALWSpCdFVtyv81GNg&gdpr=0

Request Chain 384

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=3&topUrl=1plus1.ua&bundle=OiHLs19Bc2N6WlVTa3pGUmJwMmFsa0tNM2dEMmlnbjhPeG51dFdtemhyenZkJTJCWjhkYlpHV2JtMTJuSmZiWWFCZXBzV20lMkI1YmpKSTRGcXBLV0xiQSUyRjJkWEM4S2RKUSUyQlhhMXRXSGZialptUEpvVEpQSE1BNnBweUdiSWlZOEtMeDFOUXhQ&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=SCwZf3xyQ3R3Z09xbGFWN0pBYUdlSlJ1dThYSXRJSmxpRGlpMCs0ZHBXblF4WVhBT2dMNHFwMUZMSmo3bzdXditBZWJvNis3SnhrZ2ZoVzdWR2NyUHNxWW5BdnN5MjRVQkEwSDJ4QzZOOGpSSWRHTnJVOXQ3UHJRMzR6aGlERXFaRzlVb2JtRTFUZWt4ay83RHVZdm56a2d6MngrSEJQQ0tHbW13WlI1VjFlZ0gwcnJGaXlTLy9BNjlqcGRuVm0zUDdzQ2lQSkdVNit6UGlwRkZRSkg2cUJwSTBVbklrajB1Ky9xWnNZOEpBQWw5cGU1MnR3MGlNUFA0QmV0WmsvK24xUVhqZlpvejZoUjVkNGFiMG9EU2cxanlNQT09fA&cppv=2

399 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1plus1.ua/
Redirect Chain

http://1plus1.ua/
https://1plus1.ua/

305 KB
70 KB

435ms
153ms

Document
text/html

195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: bcd9de9f6256f24e16a041d004536161e02bab316b697ea1b0696d5c0a049a16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 00:25:04 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Fri, 02 Dec 2022 00:25:03 GMT
Keep-Alive: timeout=15
Location: https://1plus1.ua/
Server: nginx

GET
H/1.1 200
OK desktop.css
1plus1.ua/build/css/ 136 KB
33 KB 152ms
79ms Stylesheet
text/css 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jun 2022 13:34:00 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK api.0.3.0.js Show response
1plus1.video/static/player/js/ 7 KB
3 KB 354ms
84ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/api.0.3.0.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:42 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:20:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 161ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6e511afb1166f45bc6126b398a29f6254137bcb42367c1a3537dbded17bf9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48997
x-xss-protection: 0
server: cafe
etag: 12870221312457355749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 00:25:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 175ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7632246187727089

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6cad67f29d3244d460712d68acf354eae643092ab34d7c65e5efded3528c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48952
x-xss-protection: 0
server: cafe
etag: 8709300806120361697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 00:25:04 GMT

GET
H2 200 309d4bab1c15aece7d43712ea51540c3_1050x960.jpg
images.1plus1.ua/uploads/articles/001/186/114/ 146 KB
146 KB 579ms
302ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/186/114/309d4bab1c15aece7d43712ea51540c3_1050x960.jpg?v=1669886806
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3bacc2e49520c724c3cc3b1d5f228d7a3b581d838c9c98f36200cc7546e07391

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 09:26:47 GMT
server: nginx
etag: "462a475a9b6b947cf91f39fd3efff431"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 149511
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0d972df678d461b0c40e4c004c768616_1050x960.jpg
images.1plus1.ua/uploads/articles/001/184/851/ 82 KB
82 KB 805ms
529ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/184/851/0d972df678d461b0c40e4c004c768616_1050x960.jpg?v=1669810313
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f341145b3025d881ad690fe7e7bc7d19035fafccc9550b7c39ecff633300973c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Wed, 30 Nov 2022 13:43:21 GMT
server: nginx
etag: "02f6fd251d6296239c92b17026f37c21"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 83908
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cbcac5ce6b0a3b669cb7e7eae0914a6d_1050x960.jpg
images.1plus1.ua/uploads/articles/001/177/345/ 52 KB
53 KB 504ms
227ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/177/345/cbcac5ce6b0a3b669cb7e7eae0914a6d_1050x960.jpg?v=1669327505
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2d57562b09705f19403af6796a0638377219ecb109f5fe327a2ff5aa50e6ea68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 24 Nov 2022 22:05:07 GMT
server: nginx
etag: "f95392365d4bd34489fceb20cb2d427d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 53587
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14c933e9d81d00ffedbb11330062ca04_1050x960.jpg
images.1plus1.ua/uploads/articles/001/083/370/ 81 KB
81 KB 807ms
531ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/083/370/14c933e9d81d00ffedbb11330062ca04_1050x960.jpg?v=1661784030
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a262f8dc145427f322ea5645e201a2a13d56226a8ad6a2122936c24a8800c00

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Mon, 29 Aug 2022 14:40:30 GMT
server: nginx
etag: "6f33c922c6bb916f9707825765c0cdf5"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 82687
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7673cd568bc96f42eb2ff644ad3385de_210x150.jpg
images.1plus1.ua/uploads/articles/001/160/479/ 9 KB
9 KB 502ms
225ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/160/479/7673cd568bc96f42eb2ff644ad3385de_210x150.jpg?v=1668072394
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a054479604c0c8d2fd0d2c6fc476f71daac829c9ff283326172f4b578215984b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 10 Nov 2022 09:26:38 GMT
server: nginx
etag: "5a40e6cc1e6b58a7624916b4e1e3f61d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9195
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:49:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7cbd406dc356f59bfec086c44707a653_210x150.png
images.1plus1.ua/uploads/articles/001/171/369/ 21 KB
21 KB 503ms
227ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/171/369/7cbd406dc356f59bfec086c44707a653_210x150.png?v=1668773895
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 25df016532ac65ec7fd0c266bc6d26129f3a1129e93d50c4a0003c27c4c03e99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Fri, 18 Nov 2022 12:18:15 GMT
server: nginx
etag: "397bbf1b2536f1c52cc933d23a815c77"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21543
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c0c45236724df0040b3b93c06f66d0bf_210x150.jpg
images.1plus1.ua/uploads/articles/001/177/525/ 6 KB
6 KB 378ms
151ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/177/525/c0c45236724df0040b3b93c06f66d0bf_210x150.jpg?v=1669328712
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b1dc34499d5b93f7f5cbdb8cf32bf8347c42820dc11377cde13213c81feba3d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 24 Nov 2022 22:25:13 GMT
server: nginx
etag: "0775f9a324fea304814ec65b1bcdf7cf"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5942
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e08ec49117fccecdf6ce4152907a209a_210x150.jpg
images.1plus1.ua/uploads/articles/001/159/957/ 8 KB
8 KB 377ms
151ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/159/957/e08ec49117fccecdf6ce4152907a209a_210x150.jpg?v=1668000955
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8d03673bdb38cd2472faa49e77089961aacd346205a99d6007d2f0236563ed5b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Wed, 09 Nov 2022 13:35:56 GMT
server: nginx
etag: "8a93fe25dec119f3ef44b94b382b4018"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7868
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c4bfd7bc85e0f8c939262ec12effa51b_210x150.jpg
images.1plus1.ua/uploads/articles/001/146/346/ 8 KB
8 KB 451ms
225ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/146/346/c4bfd7bc85e0f8c939262ec12effa51b_210x150.jpg?v=1667334513
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 12c187b803479c578230e20004e66c0def183755bb4701a9aaef42ccec8b13f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 01 Nov 2022 20:28:35 GMT
server: nginx
etag: "6a5fc768e8e918c744ae0d05511bfc13"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7709
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:48:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e0b7b3b8339faa504acf5a3784e13445_210x150.jpg
images.1plus1.ua/uploads/articles/001/182/145/ 10 KB
11 KB 376ms
149ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/182/145/e0b7b3b8339faa504acf5a3784e13445_210x150.jpg?v=1669718203
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: eef8d0bfe9f8f5901665527a9ff12cf1717de3687006bf7e493b8d7bf1f1eafe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 29 Nov 2022 10:36:45 GMT
server: nginx
etag: "7b79b56cdde410fdd70cf2e1d46c822a"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10574
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7665628167514c49ca97af650db2ac5_210x150.jpg
images.1plus1.ua/uploads/articles/001/184/215/ 7 KB
7 KB 604ms
378ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/184/215/a7665628167514c49ca97af650db2ac5_210x150.jpg?v=1669729892
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 52e64c7e4a446c316d0e0e986ee9ba149fb9994785ac610ec7499cb49202e889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 29 Nov 2022 13:51:35 GMT
server: nginx
etag: "268b1a7083ea7ae7f3a3ef14e62f7809"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7128
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fc7f48639d70978393eace78e715d747_210x150.jpg
images.1plus1.ua/uploads/articles/001/182/235/ 10 KB
10 KB 846ms
619ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/182/235/fc7f48639d70978393eace78e715d747_210x150.jpg?v=1669718268
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b6a7e017d6531568e10980ab7baa2494d885f6bfea20d9ff62f2350fecb0e96e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 29 Nov 2022 10:37:51 GMT
server: nginx
etag: "6487019feab1fc20749f5f3afb736abb"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9828
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:48:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e44af3db28865803afba4f73ed543228_210x150.jpg
images.1plus1.ua/uploads/articles/001/186/567/ 5 KB
5 KB 606ms
380ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/186/567/e44af3db28865803afba4f73ed543228_210x150.jpg?v=1669898295
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6a7ef4d4e73e9f6efd594c826a571a6ba25c1d6db24ced0373ad8c4e5d238704

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 12:38:18 GMT
server: nginx
etag: "97d0fcc7864aed7793b44b85c9da5c52"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5141
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 309d4bab1c15aece7d43712ea51540c3_210x150.jpg
images.1plus1.ua/uploads/articles/001/186/114/ 9 KB
9 KB 604ms
377ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/186/114/309d4bab1c15aece7d43712ea51540c3_210x150.jpg?v=1669886807
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b7c5240740768ec6e6a43987cf208d461e3810f7be185eedf4663a793abb8050

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 09:45:36 GMT
server: nginx
etag: "659db861aa8dbbdb0e1059617ab76c6f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9272
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f5b9b8d9cdca31c4c0706759a3586545_210x150.png
images.1plus1.ua/uploads/articles/001/187/806/ 19 KB
19 KB 606ms
380ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/806/f5b9b8d9cdca31c4c0706759a3586545_210x150.png?v=1669910013
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: c7a6112e212afca9a176ac517561580f6de5d11b451ff6e599864a9d95959845

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 15:53:34 GMT
server: nginx
etag: "b234758e99f6983f2089e9b166db2a01"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18946
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 771238924c8abe1cbad072c2b4600acc_210x150.jpg
images.1plus1.ua/uploads/articles/001/187/626/ 4 KB
4 KB 377ms
150ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/626/771238924c8abe1cbad072c2b4600acc_210x150.jpg?v=1669907564
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ace0b9c0aef69c0ec0c632381a21d9424c40efc9ff1c0f57aa819a7f3ddc281a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 15:12:45 GMT
server: nginx
etag: "4df173028ef716934b7a72e2c0c1ace9"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3772
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:31 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 09a77907f2aa197f762f57586883c09f_210x150.jpg
images.1plus1.ua/uploads/articles/001/187/446/ 7 KB
8 KB 607ms
381ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/446/09a77907f2aa197f762f57586883c09f_210x150.jpg?v=1669904091
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3da7aaa6de24315ac994187cff4bea9a3683d0e11fd0e1942f6ba7c1734371b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 14:14:53 GMT
server: nginx
etag: "b51923be789627523bc59c379527779f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7661
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a93fbca7f0b0a2df885ab9daa07e9ca1_210x150.png
images.1plus1.ua/uploads/articles/001/187/347/ 53 KB
53 KB 605ms
378ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/347/a93fbca7f0b0a2df885ab9daa07e9ca1_210x150.png?v=1669902537
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b026f1f9d66dcd8e5f63e9a0956d454197dd503454c9c4ffb5b5189e2ea20a3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 13:48:57 GMT
server: nginx
etag: "bf4725dd073966a4f313e3eab9905dfa"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 53876
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 157ms
61ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e74d4841fe9f943f39974ca92cdeeb4ce3a0f1933b9bae31191d5113055f11a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52432
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK app.js Show response
1plus1.ua/build/js/ 315 KB
112 KB 82ms
82ms Script
application/javascript 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 11:37:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ 895 B
2 KB 364ms
94ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a96c4d26f0a407e7287c2db1557b084ecfab703553d60a4f8980f711a5632750

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wrapper_hb_298309_4139.js Show response
player.adtelligent.com/prebid/ 2 KB
1 KB 134ms
38ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19328
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sun, 04 Dec 2022 00:25:04 GMT
date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 10:43:34 GMT
server: nginx
etag: W/"63888556-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 278ms
81ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: gzip
last-modified: Tue, 08 Jan 2019 00:15:41 GMT
server: nginx
etag: W/"5c33ebad-e3b1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 592ms
136ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc16
date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:42 GMT
server: nginx
etag: W/"6375fd62-2c101"
x-cached-since: 2022-12-02T00:21:32+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 17 Nov 2022 09:34:09 GMT

GET
H2 200 hotjar-1437498.js Show response
static.hotjar.com/c/ 7 KB
3 KB 174ms
48ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

08ca7467e21f1525635305d4048e0d9054b9d26b7c72ac9de64b01a66e57e0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 26
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/caafae0d8e2ce3160cbf148e6c93ab38
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: D1EUUMOBy3laZnDg5OLpG1oX-vXqNhz2yL5OSXnHffXh87G5wQH-ng==

GET
H/1.1 200
OK 1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 79ms
78ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40500
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 38 KB
39 KB 164ms
163ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39364
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 151ms
78ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40576
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK dancingStars__slide.jpg
1plus1.ua/build/images/ 33 KB
34 KB 312ms
153ms Image
image/jpeg 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 09 Nov 2021 09:53:25 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34003
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK 1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 43 KB
43 KB 212ms
78ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43528
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H/1.1 200
OK 1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 38 KB
38 KB 286ms
152ms Font
font/woff2 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 38848
Expires: Fri, 09 Dec 2022 00:25:04 GMT

GET
H2 200 f5b9b8d9cdca31c4c0706759a3586545_770x420.png
images.1plus1.ua/uploads/articles/001/187/806/ 139 KB
140 KB 663ms
451ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/806/f5b9b8d9cdca31c4c0706759a3586545_770x420.png?v=1669910014
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0830582068d5a42acc0dc534f7ad55138e0881454a96bfd3385ab75da0654cdc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 15:53:34 GMT
server: nginx
etag: "cfe611dc8882a7b12f21c8f133d00caa"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 142637
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 771238924c8abe1cbad072c2b4600acc_490x1050.jpg
images.1plus1.ua/uploads/articles/001/187/626/ 57 KB
57 KB 594ms
381ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/626/771238924c8abe1cbad072c2b4600acc_490x1050.jpg?v=1669907565
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d0d6975975d297c9ac0463058ff449eaffdeb53e74dbafa250d0731016885a8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 15:15:01 GMT
server: nginx
etag: "15dc22bbc57152f39b85947aada39567"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 58004
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:36 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 09a77907f2aa197f762f57586883c09f_770x420.jpg
images.1plus1.ua/uploads/articles/001/187/446/ 40 KB
40 KB 666ms
454ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/187/446/09a77907f2aa197f762f57586883c09f_770x420.jpg?v=1669904096
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 90af1b8239e522439c1c988738f98deaf230e9471fca97553c2bb175ccd45971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 01 Dec 2022 14:14:58 GMT
server: nginx
etag: "d9876a957adbfd4bacaec57803cfd079"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 40799
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7665628167514c49ca97af650db2ac5_770x420.jpg
images.1plus1.ua/uploads/articles/001/184/215/ 42 KB
42 KB 665ms
453ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/184/215/a7665628167514c49ca97af650db2ac5_770x420.jpg?v=1669729899
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cd66e57a46fc971d0a0325d01248012669c1388ab1dc6b7ffa3ca968a9769a94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 29 Nov 2022 13:51:42 GMT
server: nginx
etag: "d7d288deeb462ede9f4d5c575667fd48"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42782
x-1p1-cdn: HIT; Thu, 01 Dec 2022 22:48:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 66 KB
67 KB 487ms
486ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 10 May 2022 11:23:34 GMT
server: nginx
etag: "fc7e2658bd1f9868a872f0295e5ecce9"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 67985
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:30:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 13 KB
14 KB 495ms
494ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Mon, 21 Feb 2022 15:10:07 GMT
server: nginx
etag: "b9d33f76e570821d980e3a7595b7f15a"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13745
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:30:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 13 KB
13 KB 487ms
486ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Mon, 07 Feb 2022 10:25:12 GMT
server: nginx
etag: "1e490b3e02de4533a0e0d3577347d4e7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13088
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:30:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 24 KB
25 KB 414ms
414ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Mon, 07 Feb 2022 13:10:49 GMT
server: nginx
etag: "3b63edeebc085c7329eb132a56399239"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25029
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 29 KB
29 KB 415ms
414ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Mon, 07 Feb 2022 09:11:08 GMT
server: nginx
etag: "a679dc9f06348d06073cc07e617ecdc8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29355
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 4 KB
4 KB 415ms
415ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 22 Feb 2022 14:11:56 GMT
server: nginx
etag: "f4a4cdc50a9738d9bf7bef45569acf60"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3652
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9da3f01e570b8a62d591bb08b3891fd5_140x140.png
images.1plus1.ua/uploads/articles/001/133/830/ 24 KB
24 KB 416ms
415ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/133/830/9da3f01e570b8a62d591bb08b3891fd5_140x140.png?v=1666378682
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Fri, 21 Oct 2022 18:58:02 GMT
server: nginx
etag: "464c857a9953e9f8e069a81472c26686"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24216
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg
images.1plus1.ua/uploads/articles/001/097/878/ 4 KB
4 KB 416ms
416ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/097/878/3c1e1d9fce7e48a3524cbcf47dad1346_140x140.jpg?v=1663315728
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Fri, 16 Sep 2022 08:08:48 GMT
server: nginx
etag: "b4913e8e033cc5b9ac53b225d1b3edba"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3766
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f8e670099b35be64983f9897f4e6bdb6_140x140.jpg
images.1plus1.ua/uploads/articles/001/037/671/ 5 KB
5 KB 417ms
416ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/037/671/f8e670099b35be64983f9897f4e6bdb6_140x140.jpg?v=1657801679
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 14 Jul 2022 12:27:59 GMT
server: nginx
etag: "fa8d98c12377f81bc679bc80f4f69816"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4707
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e0986beb47e21ded981cc0f92685e782_140x140.jpg
images.1plus1.ua/uploads/articles/001/029/724/ 5 KB
5 KB 417ms
416ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/029/724/e0986beb47e21ded981cc0f92685e782_140x140.jpg?v=1657181867
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Thu, 07 Jul 2022 08:17:48 GMT
server: nginx
etag: "97395a5ea5b286a352afe6c2cef41eef"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5025
x-1p1-cdn: HIT; Fri, 02 Dec 2022 00:09:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 13 KB
13 KB 436ms
180ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 15 Jun 2021 14:24:39 GMT
server: nginx
etag: "a87fa4df91a2dc0e28d9c245f9b31a56"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13066
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 11 KB
12 KB 489ms
255ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 15 Jun 2021 14:24:45 GMT
server: nginx
etag: "2e74435d3edf5310a445de62177853fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11649
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 9 KB
9 KB 451ms
257ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 01 Jun 2021 10:56:33 GMT
server: nginx
etag: "5df517d83b1757de3cf407fdcd55b5a0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9392
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 8 KB
8 KB 373ms
180ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 01 Jun 2021 10:56:41 GMT
server: nginx
etag: "7ea4a7d31c835975e1e8be8db6f4f88c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8104
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 10 KB
10 KB 343ms
150ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 01 Jun 2021 10:56:28 GMT
server: nginx
etag: "c134988e94035ff0ee6cd435dde2c1e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10297
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 2C8F 11 KB
6 KB 138ms
138ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: d29861a86dc9d4d402d18daaeb2240ae671255778f7e7a86b559be20483b9726

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 00:25:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 67ef2c0a9501097cb8734adaa072d19e.190x105.jpg
images.1plus1.video/card-6/H24ZH9Ea/ 8 KB
8 KB 438ms
256ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/H24ZH9Ea/67ef2c0a9501097cb8734adaa072d19e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3c0a3a7c452a54fef2cf13d365b259877a30895a6495b92bdd747a765d983595

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Sun, 20 Nov 2022 17:49:35 GMT
server: nginx
etag: "7bedbed17cc394286ff6c53a55990abd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8225
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 8a1dfef22d38e392bd33f49cd92b4ff8.190x105.jpg
images.1plus1.video/card-6/7Rzm5epa/ 12 KB
12 KB 292ms
290ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/7Rzm5epa/8a1dfef22d38e392bd33f49cd92b4ff8.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3e6ccae9d716d8a587a510818fc99653fcea5dded95f47782b61c76c7a4dabd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Sun, 20 Nov 2022 23:29:17 GMT
server: nginx
etag: "c4a1cb238e31b57d2af48d9395a4884c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12410
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 48d74967a7fb54c2cf6df7b12a0eea49.190x105.jpg
images.1plus1.video/card-6/H2qwlKg2/ 12 KB
12 KB 215ms
214ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/H2qwlKg2/48d74967a7fb54c2cf6df7b12a0eea49.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 24e7aea27b4dff26bf745dbf3d8e68b4c27d0846008401b71796c2c2154a73bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Sun, 13 Nov 2022 22:09:28 GMT
server: nginx
etag: "676129690e350c99dd82262fd7a37475"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12406
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 bce09c7680e988dc8b9128d629f32bb7.190x105.jpg
images.1plus1.video/card-6/HaqwFoSa/ 12 KB
12 KB 292ms
291ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/HaqwFoSa/bce09c7680e988dc8b9128d629f32bb7.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8fe0fdb2b9207a73e3ef2838107287c40fbe1257c485a07e7f9af8207c23ad24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Sun, 06 Nov 2022 22:30:31 GMT
server: nginx
etag: "d7474b89ade683c29fcb70630ec3191f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12433
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 9476628aa8f3aec77169149edb23192d.190x105.jpg
images.1plus1.video/card-6/oRGs5fDC/ 12 KB
12 KB 292ms
291ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-6/oRGs5fDC/9476628aa8f3aec77169149edb23192d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Sun, 30 Oct 2022 19:17:52 GMT
server: nginx
etag: "cbc9b8fe7616565197c3780b28c5ed67"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12419
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 09 Dec 2022 00:25:05 GMT

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 398ms
397ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35041
x-1p1-cdn: HIT; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240de918a00b0e609c0e7b5c81bbf561_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/440/ 47 KB
47 KB 398ms
397ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561_755x500.jpg?v=1661864391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
last-modified: Wed, 24 Aug 2022 13:50:30 GMT
server: nginx
etag: "9744b481d651c3f3984cba0f7a3e6af8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48053
x-1p1-cdn: HIT; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3b2dafe0170389d730ee64edf0bc44c0_755x500.png
images.1plus1.ua/uploads/gallery/001/079/449/ 487 KB
487 KB 476ms
475ms Image
image/png 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/449/3b2dafe0170389d730ee64edf0bc44c0_755x500.png?v=1661864454
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Wed, 24 Aug 2022 13:51:32 GMT
server: nginx
etag: "2b6d874276e6f9a3ad3348d97c110928"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 498264
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 22:52:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/413/ 57 KB
57 KB 465ms
464ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/413/8fbf1d1fdc445434595ab6c4eb997491_755x500.jpg?v=1661864350
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Wed, 24 Aug 2022 13:47:57 GMT
server: nginx
etag: "7ca762a988131f5bcbcf50a820b85dc4"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 58142
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2cb1a102d69eac6570896b3c56145979_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/431/ 40 KB
41 KB 474ms
473ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/431/2cb1a102d69eac6570896b3c56145979_755x500.jpg?v=1661864431
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Wed, 24 Aug 2022 13:49:58 GMT
server: nginx
etag: "8a5cbe7c5cff07959609f169fdd6dfe6"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41463
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 475ms
474ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 30780
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 28171d2034538ff08ebe1197f24baf19_755x500.jpg
images.1plus1.ua/uploads/gallery/001/084/672/ 27 KB
27 KB 473ms
472ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/084/672/28171d2034538ff08ebe1197f24baf19_755x500.jpg?v=1661866110
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 30 Aug 2022 13:28:32 GMT
server: nginx
etag: "d9d3829ea7bc2f7aab70e5ad16f7984f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 27756
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 26 KB
26 KB 472ms
471ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Tue, 22 Feb 2022 11:41:33 GMT
server: nginx
etag: "1aa71e70bddf3967c0297a3b71f6dbc7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 26725
x-1p1-cdn: REVALIDATED; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 195ms
62ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17204
expires: Fri, 02 Dec 2022 12:25:05 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 285ms
81ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
138 B 317ms
87ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.8992497380269009
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 138ms
46ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f944cb5dc975f9f4234692996179e8b1d6ec838e972ab21459cda65a2a61b4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 00:25:05 GMT
content-md5: A+P4pCCtyJRdNrPPXx/J2w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Fr6OsYOxU8Mq7fQBMfgo91pb5Gv4R7ijEVSK/UzdLgIgZUxDALgflVgwY5IcYrVZoB+mkKOaYJj6UELdo0Einw==
x-fb-trip-id: 1679558926
x-fb-content-md5: b1a070e720afde7cb2e429c5cac0b69f
cross-origin-opener-policy: same-origin-allow-popups
etag: "0f1d779deb61a99a1b053f0335cac2d9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 00:25:42 GMT

GET
H2 200 hbw_master_298309_4139.js Show response
player.adtelligent.com/prebidlink/19328/ 112 KB
33 KB 55ms
54ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19328
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9cf081450e54a76adead74a3519b80707e91d7cf5c08256bbb3ac82783868517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sun, 04 Dec 2022 00:25:04 GMT
date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 17:43:24 GMT
server: nginx
etag: W/"6388e7bc-1c01a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hb_298309_4139.js Show response
player.adtelligent.com/prebidlink/19328/ 352 KB
109 KB 101ms
101ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19328
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sun, 04 Dec 2022 00:25:04 GMT
date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:05:27 GMT
server: nginx
etag: W/"635fba07-580bf"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 157ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49efd7b5ec993c650c6e20a2ef4471ff4e3803f39239c419b487e892f787954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27409
x-xss-protection: 0
server: sffe
etag: "1409 / 395 of 1000 / last-modified: 1669936012"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 2C8F 171 KB
26 KB 168ms
167ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:23 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 2C8F 198 KB
69 KB 329ms
164ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:22:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2C8F 109 KB
43 KB 148ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

852b1e2adbcc37f8bf6887291541285e1d0fa18b5c448d1cbc82b663ba7965fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43600
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H2 200 modules.90de377b639fd5b933d2.js Show response
script.hotjar.com/ 263 KB
67 KB 161ms
50ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.90de377b639fd5b933d2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-42.fra2.r.cloudfront.net

Software

Resource Hash

36e764ba72de0f2e398100e2449d677b02ff15669733bf8a823f01da53af1c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 38879
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68504
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
etag: "8766036825574dfbddbfc197bd098f6b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8Repff_c_7N4V4_yZMxjYEW92wizpjc6AmFXzD__NqhU4LKIyghaig==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
117 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8ad1ed9aa315cd986650033dfe816eab16e05758464729b1cba116a820c52a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119172
x-xss-protection: 0
server: cafe
etag: 1719986280388044642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 00:25:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 1E19 10 KB
5 KB 138ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 26639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 17:01:05 GMT
etag: 10353107486223812946
expires: Thu, 15 Dec 2022 17:01:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
44ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 00:20:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 276
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 02:20:29 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
416 B 102ms
32ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f8861dbc72f4364c06b16ee0c58bdcfa454c10e97b5a734551b1ebbd4117f061

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 102ms
33ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=5rkujb.0p&features=147488&vpbv=F102&tte=129&lifecycle_tte=1336
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ 108 KB
33 KB 248ms
173ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:01 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 1F69 2 KB
1 KB 148ms
46ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 731699
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-id: R0ESMhYLRajHyTKwx8LHviIL4D_pDduez91tGzd_OAghVrZ3LWPk1Q==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
696 B 275ms
143ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-7632246187727089&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7632246187727089&plah=1plus1.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1b22a98c373ea1ed25a67dfc1a0dc8c90e303c260bc45b9a75424b4932178bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 191ms
53ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
53ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86C1 603 B
68 B 155ms
64ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7632246187727089&output=html&adk=1812271804&adf=3025194257&lmt=1669940705&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669940704850&bpp=3&bdt=599&idt=175&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8386076655232&frm=20&pv=2&ga_vid=717394687.1669940705&ga_sid=1669940705&ga_hid=145733559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531705%2C44774652%2C44777506%2C44770881%2C31065825&oid=2&pvsid=819107935438855&tmod=1266487736&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:05 GMT
expires: Fri, 02 Dec 2022 00:25:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 728 B
675 B 33ms
33ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437381&aid2=638043
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f55b032b8ee2ad5218d33664d54f4a90f610a860add5e3c2d66ab33327d742ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 371

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 86ms
86ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=904898&h=0&m=25&s=5&url=https%3A%2F%2F1plus1.ua%2F&_id=3c8e950a205689a8&_idts=1669940705&_idvc=1&_idn=0&_refts=0&_viewts=1669940705&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=231

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H/1.1 400
Bad Request 981e2a0ec1c40493e59b139b8db4f728.gif Show response
cs.admanmedia.com/ Frame D985 20 B
189 B 6142ms
5665ms Document
text/plain 80.77.87.163

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.163 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Fri, 02 Dec 2022 00:25:11 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame 05FE 37 B
140 B 143ms
51ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 00:25:05 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2d171c45-91fe-48a7-a35a-c56388b8b76f

0
404 B

416ms
183ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2d171c45-91fe-48a7-a35a-c56388b8b76f
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Server: Adtelligent
Etag: 72b17cf5904544ef
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=2d171c45-91fe-48a7-a35a-c56388b8b76f
date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 152ms
47ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 00:25:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
393 B 65ms
65ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: a2c2e26f2182feabc8d2237411f57a18d1b2044f6be56dee2f8674dff604ccbb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 278
expires: Sun, 01 Jan 2023 00:25:05 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame AEE3 5 KB
3 KB 199ms
64ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: d1b3cdfe937a2b56099fd5d8533f7835bea5f096df97a0c796a16895c1a8fba4

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:05 GMT
etag: PRIVATE7520710249
expires: Sun, 01 Jan 2023 00:25:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 2C8F 898 B
2 KB 105ms
105ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1669940705256
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 1e2d0103e980ddf38d9edecca5828918e9bd3d6fd7d3802482649ca4395e0005

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2C8F 134 KB
50 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53425062f9fbcabcb35c3b527eb87b32995860addde9c6a5830b25f486798bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50960
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2C8F 49 KB
20 KB 112ms
32ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 00:20:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 276
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 02:20:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 305 KB
86 KB 94ms
46ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=6a21f5477d7b00b0f9c2da7710622752

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cb557ba0bbf7d32c030c14e975c5c67659ed9dc8b8c3a996cc71146ab563407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 00:25:05 GMT
content-md5: afUf5SWURseHfpDiapXpyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88504
x-fb-rlafr: 0
x-fb-debug: U1LUi47ZKitLnC4SCX2swMHrIuACYcCzHpNw7yZmNa9tw/gc2XgbdU3JXA+tdyyKqhZjkVk8a6ttyqZzJYg/7g==
x-fb-content-md5: a5b3087c08f6a6e27c1d3f3332390d13
cross-origin-opener-policy: same-origin-allow-popups
etag: "693918fa902a4e7e22c0d9f8e9d52dd7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Dec 2023 22:25:31 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 2C8F 108 KB
33 KB 265ms
171ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1669940705256
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:01 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/51428/ Frame 180E 738 B
518 B 137ms
137ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Fri, 02 Dec 2022 00:25:05 GMT
etag: W/"6375fd72-2e2"
expires: Wed, 29 Nov 2023 14:29:10 GMT
last-modified: Thu, 17 Nov 2022 09:22:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-11-28T14:29:10+00:00
x-id: fr5-up-gc16

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/51428/ 23 KB
8 KB 145ms
145ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc16
date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:56 GMT
server: nginx
etag: W/"6375fd70-5d41"
vary: Accept-Encoding
x-cached-since: 2022-11-23T09:12:43+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Fri, 24 Nov 2023 09:12:43 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/51428/ 75 KB
20 KB 153ms
153ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc16
date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:47 GMT
server: nginx
etag: W/"6375fd67-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-17T09:24:09+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 18 Nov 2023 09:24:09 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 81ms
80ms Script
application/javascript 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
last-modified: Fri, 25 May 2018 10:26:40 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b07e4e0-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H2 200 pubads_impl_2022113001.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 150ms
45ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133236
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 09:36:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Nov 2023 11:47:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
725 B 157ms
53ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Fri, 02 Dec 2022 00:25:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 112ms
41ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=145733559&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1211880671&gjid=901564298&cid=717394687.1669940705&tid=UA-22507043-9&_gid=918173851.1669940706&_r=1&gtm=2wgbu0PWKM5Z&z=718255584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 110ms
43ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=145733559&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAACAAI~&jid=1217031261&gjid=1828696636&cid=717394687.1669940705&tid=UA-113262294-1&_gid=918173851.1669940706&_r=1&gtm=2wgbu0PWKM5Z&z=1993993639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1669940705712/
Redirect Chain

https://gaua.hit.gemius.pl/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1pl...
https://gaua.hit.gemius.pl/__/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
425 B

122ms
121ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=sv13PBuAGrQf9UmyzcK3vQj6bMfjcE.z_ASsHJ6enz7.Q7EZJMbS2vNMvTuud4tvnVFxEIwiazq_PbY0gdlk5RdMSZbp/vLei3B.yRoGp6/&fpdata=-TURNEDOFF&ltime=490&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638945e10d1ea5d2
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 85923b4233b4c7cc90a3f1d9c95e0a7209e46873bedb176f79d755ddcad4816a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Thu, 01 Dec 2022 00:25:05 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1669940705712/rexdot.js?l=100&sendf=8&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=sv13PBuAGrQf9UmyzcK3vQj6bMfjcE.z_ASsHJ6enz7.Q7EZJMbS2vNMvTuud4tvnVFxEIwiazq_PbY0gdlk5RdMSZbp/vLei3B.yRoGp6/&fpdata=-TURNEDOFF&ltime=490&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638945e10d1ea5d2
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 01 Dec 2022 00:25:05 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ 56 KB
9 KB 86ms
86ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1229123006663
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:25:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 149ms
45ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1669940705745&sw=1600&sh=1200&at=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Dec 2022 00:25:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 925 B
996 B 154ms
52ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 2C8F 56 KB
9 KB 85ms
85ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1589156722047
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:25:05 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame BC09 3 KB
1 KB 82ms
80ms Document
text/html 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 00:25:05 GMT
etag: W/"5b2ccc0c-b5f"
last-modified: Fri, 22 Jun 2018 10:14:36 GMT
server: nginx/1.13.0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 2C8F 925 B
648 B 140ms
56ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
740 B 156ms
58ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1229123006663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 22:41:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 121ms
39ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22507043-9&cid=717394687.1669940705&jid=1211880671&gjid=901564298&_gid=918173851.1669940706&_u=YAhAAEAAAAAAACAAI~&z=1560202306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 00:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2C8F 5 KB
1 KB 116ms
57ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1589156722047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:17:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:05 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
131 B 466ms
80ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=38BFAF59248F42449A96BCC567389BBE&time=1669940705709&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=176620710&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
230 B 81ms
81ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=38BFAF59248F42449A96BCC567389BBE&time=1669940705868
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 433 KB
164 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167220
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 03:52:22 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 118ms
39ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d6693e6463d01ca864b923e65637d347b412258105ce4633cf195cc051db4d2

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 04 Dec 2022 00:25:06 GMT
date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:02:15 GMT
server: nginx
etag: W/"638897c7-117e"
content-type: application/json
access-control-allow-origin: https://1plus1.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 150ms
56ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=717394687.1669940705&jid=1211880671&_u=YAhAAEAAAAAAACAAI~&z=986879911

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 156ms
54ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22507043-9&cid=717394687.1669940705&jid=1211880671&_u=YAhAAEAAAAAAACAAI~&z=986879911

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 146ms
53ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 147ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
45 KB 411ms
320ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=819107935438855&correlator=1841785487788961&eid=31071080%2C31065825&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D2ba2d3d13f65943b-2238541601d8003a%3AT%3D1669940705%3ART%3D1669940705%3AS%3DALNI_MYPh24nuwW7C3zx_3Byk4YLfiCjuw&gpic=UID%3D00000b8b58fe2c71%3AT%3D1669940705%3ART%3D1669940705%3AS%3DALNI_MbwnHswTwZxOcEXqSxv-DzNS9FOHQ&abxe=1&dt=1669940705959&lmt=1669940705&dlt=1669940704251&idt=1661&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=717394687.1669940705&ga_sid=1669940705&ga_hid=145733559&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee3cff8b2c0bd6784ceef8b280853d3d8d44f6880896b809132086302bf34fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46071
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2851 6 KB
3 KB 200ms
52ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Sat, 02 Dec 2023 00:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022113001.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 135ms
47ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022113001.js?cb=31071080

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf32eba3b260cbb1c5761c4a8ddcd9576a8d3e571ff6b0cd902f75353bb051b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13828
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 09:36:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Nov 2023 11:57:42 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 2C8F 433 KB
163 KB 123ms
95ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167220
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 03:52:22 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 14 KB
8 KB 311ms
137ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 87aef9fa327a66d58ed38a47d7a7f8bb4968d80ef3431d99bda7f84c8a2c6a40

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
306 B 137ms
56ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=26673886215

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 i Show response
ads.adnuntius.delivery/ 7 KB
2 KB 142ms
68ms XHR
application/json 172.67.137.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json&consentString=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aba672734930d62b3665183df1778f1e7c7673dda9e9a9a7dc9678159b970b2

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 4719485feb2475b755246d201f56a196
x-adn-backend-server-id: fa6ad80f
content-length: 1234
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhEWHLSLfDpJ%2FmnE3vbT4vktaX3LyCu%2FaeOc%2BXf3e6aF1wWKuI5xJGYVch%2FUKICU77AUT4a5Wg77O9ib2jSwk1r9TwSWvybklD3M8o7cHwEus8gnnqjQ9koEEEHI0sI0qwSqzdSsPCEw"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 772fec653f5654be-MAN
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%...
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%...

585 B
995 B

40ms
39ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=21d9fa2c-cc25-4160-ad0d-9f6828ed618a
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: 552d8181c06487c3f5f649a7d20803a0b7ce62ff76430c926dc58af2da2a2a9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Fri, 02 Dec 2022 00:25:06 GMT
date: Fri, 02 Dec 2022 00:25:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 585
x-sid: AMS-937

Redirect headers

date: Fri, 02 Dec 2022 00:25:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
location: /hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.427417296333102&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-d&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=21d9fa2c-cc25-4160-ad0d-9f6828ed618a
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 174 B
581 B 299ms
220ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c6b2aee5-4009-4510-ab89-74f608907fcd%2C5dd1cedd-f37b-4e8f-b68d-a6177fb0eeb7%2Ca4a9d27c-d91c-4274-b469-dbc245a08371%2Ce7047fb6-595a-4e6c-b64b-22182075fa90%2Ca4f20077-b652-4e9d-8e81-306aa6b19ea1&nocache=1669940706031&gdpr=0&pubcid=21d9fa2c-cc25-4160-ad0d-9f6828ed618a&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-01096935283%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-02002143629%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-02002143629%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-02002143629%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b4e355f1d9980eee296cdea3d4464548165ed49ca437ec43302a037bc9b99061

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://1plus1.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
307 B 119ms
45ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=14634739621

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 00:25:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
525 B 290ms
186ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

0ce213a8d1d2256cb4c1fafcab0414291123174212d60c637057dfe7e856380a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 137
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
871 B 267ms
116ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=c6b2aee5-4009-4510-ab89-74f608907fcd&l_pb_bid_id=38c9cf9650a29b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.8902289284628888
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b19dc54f222d811d69cf373dbf3032c2e65ebc718fab2700f7ce64d894f350ec

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 325
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
676 B 279ms
128ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=5dd1cedd-f37b-4e8f-b68d-a6177fb0eeb7&l_pb_bid_id=39690c1553296b3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&slots=1&rand=0.5188701461406784
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3dc32f4dd92e453688e95ab7b21d20906d11f4dd58287b36077f436c9ff2d45c

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 353
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
648 B 308ms
158ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&gdpr=0&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=a4a9d27c-d91c-4274-b469-dbc245a08371&l_pb_bid_id=404578f7cb76496&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.917054123228092
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cd2f3b9bc872e63fefa77e68f41c4da41c5bf626985f9a6a3f9d66e9895e2a04

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 324
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
677 B 364ms
213ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e7047fb6-595a-4e6c-b64b-22182075fa90&l_pb_bid_id=41f39757bfc7461&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&slots=1&rand=0.3886473241417483
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cd97d28e3dfc583ddec299426f05790dd724a2a0b0cc301e63a4f4b9fd25a1b8

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 353
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 143ms
46ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
270 B 129ms
41ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 136ms
44ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:06 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
649 B 271ms
126ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=c6b2aee5-4009-4510-ab89-74f608907fcd&l_pb_bid_id=61ce13be09498d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.4982181741817595
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25b7e06ecde509f040d400051a2e39057e5e0810676edeaa88bdf0e988cc83c0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 324
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
675 B 275ms
129ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=5dd1cedd-f37b-4e8f-b68d-a6177fb0eeb7&l_pb_bid_id=62cf3c961a45629&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&slots=1&rand=0.479449677412769
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 983edd88a840cea7c1db04b4d552be5b8e57a4fffd14ae0e02f6219f7c2254f0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 352
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 10 KB
6 KB 290ms
146ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=a4a9d27c-d91c-4274-b469-dbc245a08371&l_pb_bid_id=633e95e07f75919&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.670943341663566
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b378be3abacb8f5d9f5f3d00256f2b9f0342f97cac24b6f59eb9c9dfeb1bf1e3

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
677 B 277ms
132ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=21d9fa2c-cc25-4160-ad0d-9f6828ed618a%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e7047fb6-595a-4e6c-b64b-22182075fa90&l_pb_bid_id=64a93924b120541&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-02002143629&slots=1&rand=0.11970386647458464
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 071fb74bf1e64747a6bc1e85e67ea9db7ecffa5cc08bd2a3b21242765157c198

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1plus1.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 352
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 252ms
100ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 1003 B
1 KB 143ms
47ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

97422c479f71bd0454b5841b86dd72bda2da5afd339475df0a9db4cf01b69f79

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 00:25:06 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://1plus1.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 1003
X-Xss-Protection: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 1 KB
561 B 36ms
34ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f3475bc89a225ba160bec8add5d60d75a411ea1c559423e19200146c18e301af

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 257

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 303 B
463 B 120ms
34ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 1d34ec451023ff9ad1bdb5258132e86edd296d47c4d3c04522cfaf31028e2277

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 159

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
250 B 68ms
66ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:06 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 361 B
466 B 127ms
35ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 95641b80c335f12465b07d52f52f972b21a4176767a9ca5190a3042c1f468b0c

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 00:25:05 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 162

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 2C8F 153 KB
53 KB 84ms
83ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:24 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 2C8F 475 KB
476 KB 107ms
106ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 486113
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
DATA 200
OK truncated
/ Frame 2C8F 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2C8F 26 KB
26 KB 217ms
107ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 19:00:18 GMT
x-content-type-options: nosniff
age: 278688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 19:00:18 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2C8F 44 KB
44 KB 152ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 279282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:50:24 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 2C8F 23 KB
6 KB 73ms
73ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e839c6cc63b861d1bdad75ce13f3122bbea54d1896715655926f97a958db4dbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 6283
expires: Fri, 02 Dec 2022 12:25:06 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 2C8F 1 KB
1 KB 106ms
106ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t59787918330
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: dfc09688914bc7228ac5c2740111b7de79125f73ac80855446cb6a99e6db720c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:06 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 98 KB
16 KB 360ms
359ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=819107935438855&correlator=1434097566942012&eid=31071080%2C31065825&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C561001319%2C3836652839%2C1074707211%2C2198103003&sfv=1-0-40&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D2ba2d3d13f65943b-2238541601d8003a%3AT%3D1669940705%3ART%3D1669940705%3AS%3DALNI_MYPh24nuwW7C3zx_3Byk4YLfiCjuw&gpic=UID%3D00000b8b58fe2c71%3AT%3D1669940705%3ART%3D1669940705%3AS%3DALNI_MbwnHswTwZxOcEXqSxv-DzNS9FOHQ&abxe=1&dt=1669940706458&lmt=1669940706&dlt=1669940704251&idt=1661&adxs=299%2C983%2C315%2C983%2C80&adys=701%2C2389%2C4409%2C4958%2C1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=717394687.1669940705&ga_sid=1669940705&ga_hid=145733559&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71415f5562403e75afa89b32a28fdc2c7d6d0a3019722c52ca468c929c94b93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16550
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD92 6 KB
3 KB 136ms
45ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Sat, 02 Dec 2023 00:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 2C8F 84 KB
84 KB 146ms
144ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 85922
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 2C8F 91 KB
91 KB 250ms
249ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 93213
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 2C8F 82 KB
83 KB 141ms
139ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 84258
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 2C8F 77 KB
78 KB 143ms
142ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 79302
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 2C8F 73 KB
73 KB 144ms
143ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 74890
x-1p1-cdn: BYPASS; Fri, 02 Dec 2022 00:25:06 GMT
expires: Fri, 09 Dec 2022 00:25:06 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 2C8F 61 KB
16 KB 63ms
63ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 2cdee42b7d068f78d131568b5f3eed1975a5d656ca3ab20a747e31439598f5f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 16639
expires: Fri, 02 Dec 2022 12:25:06 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 2C8F 33 KB
13 KB 84ms
83ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2C8F 371 KB
124 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126620
x-xss-protection: 0
expires: Fri, 02 Dec 2022 00:25:06 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame FD92 4 KB
636 B 147ms
56ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 22:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DC51 6 KB
672 B 132ms
54ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 22:41:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:06 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC51 2 KB
846 B 192ms
91ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 10:41:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DC51 23 KB
10 KB 144ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 14:38:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC51 3 KB
1 KB 192ms
92ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 14:38:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC51 18 KB
7 KB 154ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DC51 0
0 53ms
52ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQv-Zy0-nAhCTpcqo4j8BID1zb3nrR3WFAkaqXHeZhTUum7IQF-jqDfZO-ldJ2_QSXYo-MXDtx51B7IpRQegGy_NfWwKQ
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC51 155 KB
47 KB 156ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 00:25:06 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame DC51 34 KB
14 KB 144ms
53ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 00:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 00:39:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame FD92 19 KB
8 KB 154ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:37:05 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD92 205 B
229 B 131ms
46ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:26:14 GMT
x-content-type-options: nosniff
age: 17932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Dec 2023 19:26:14 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD92 604 B
628 B 138ms
51ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:42:07 GMT
x-content-type-options: nosniff
age: 6179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Dec 2023 22:42:07 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 2C8F 281 B
354 B 62ms
61ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: ff86e2120748847e1fea3b9f96ce936576de9bd0e0de0e4179209f7668862ee3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 281
expires: Sun, 01 Jan 2023 00:25:06 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame F62B 5 KB
3 KB 64ms
63ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 330d587b01aef43ca12502db7813f0876381b0814579f11b69625032b5b841c9

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2717
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
etag: PRIVATE7520710249
expires: Sun, 01 Jan 2023 00:25:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 bridge3.547.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame A54B 691 KB
222 KB 139ms
45ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.547.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6e46e197e535119ab46392b1e732d3fa5988845ea96b50bb0514736bfad801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 191752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226882
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 19:09:14 GMT
expires: Wed, 29 Nov 2023 19:09:14 GMT
last-modified: Tue, 29 Nov 2022 15:11:42 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2C8F 44 KB
17 KB 150ms
52ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Dec 2022 00:25:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2C8F 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1669940706898/ Frame 2C8F 2 B
202 B 62ms
61ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1669940706898/redot.js?l=107&sendf=0&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1669940707487%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fl%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=9Slg9b3RuOeTaeGU.byMBEmbfftBrp05D_GJviBtY8v.47X7rOTBzJtKpzQDrMcH2OW11t.9bbdSLDfcB2xLcyi2.Kvf/UJAaFU8KnyL48/&fpdata=dY61Nr6ZaGa5MFdlR8nuDuO_hxJb4Db.NjDe5F6Ehqn.A7&ltime=88&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638945e2281bdd78&fpcap=&fpsec=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Thu, 01 Dec 2022 00:25:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 07AB 1 KB
643 B 46ms
45ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Fri, 02 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E35 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Sat, 02 Dec 2023 00:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F91B 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Sat, 02 Dec 2023 00:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9wiIN8UI1qJW8oJIXvt-o&google_push=ASkJ3FZxh4oJIe9d06CDKpw0XAL8vm2WVTSIsWnJ8M6fwGSZ62fEKlcedV...

170 B
188 B

145ms
58ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9wiIN8UI1qJW8oJIXvt-o&google_push=ASkJ3FZxh4oJIe9d06CDKpw0XAL8vm2WVTSIsWnJ8M6fwGSZ62fEKlcedVDHo6vgMIYJ-Ef3_o2yRLO-RcELC1zeDksa_uX4wOeG

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lcy-eglc8600058-LCY
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1669940707.126005,VS0,VE80
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP9wiIN8UI1qJW8oJIXvt-o&google_push=ASkJ3FZxh4oJIe9d06CDKpw0XAL8vm2WVTSIsWnJ8M6fwGSZ62fEKlcedVDHo6vgMIYJ-Ef3_o2yRLO-RcELC1zeDksa_uX4wOeG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_W...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg0NzA2MTUwMjY0ODU1NzU2NQ&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL...

170 B
188 B

56ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg0NzA2MTUwMjY0ODU1NzU2NQ&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_WFi25pMLgnNguSj6AKuR6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg0NzA2MTUwMjY0ODU1NzU2NQ&google_push=ASkJ3Fbbl4HwXaIEGX6OFoNO_8d4NlvtAl8fBjM8dcRJGzbzbJVR1f0MF8ay5N9UXvX6M53OmsAyrL_WFi25pMLgnNguSj6AKuR6
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_hm=Y4lF4xJtJ9apRJP1LwFWoAAAAsYAAAIB&google_nid=index&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5L...

170 B
188 B

102ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_hm=Y4lF4xJtJ9apRJP1LwFWoAAAAsYAAAIB&google_nid=index&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5LgfU-lESykLlC2Ydcu_5oetsG8N5JbkhBBv0MKWtBLDh9DYnieA-seC3Fxr3DBqU

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awMnZPHZnG4aDWRx9BkmqejrB3gIZQ0R%2FMg7KqiGuS3lf0cZMcDyWjM4v83YkcQJwIEM6tYpr%2Fro5mr6d62KHccjYRAo6zUdDEW2NA5sjIGz7w%2F%2F7JE2ygqMdTseKyeG9%2BGIpejx9UMWtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAMahFG-TAYn1XW6z7B9TiY&google_hm=Y4lF4xJtJ9apRJP1LwFWoAAAAsYAAAIB&google_nid=index&google_push=ASkJ3FaGD9n0YBUMC_2OvcDk3cHuRiunVvG5LgfU-lESykLlC2Ydcu_5oetsG8N5JbkhBBv0MKWtBLDh9DYnieA-seC3Fxr3DBqU
cache-control: no-cache
cf-ray: 772fec6c2bb7b2f1-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlFEhgg9ZeVPHlmWrXzF1k&google_cver=1&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlFEhgg9ZeVPHlmWrXzF1k&google_cver=1&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58&google_hm=FvvZrGZHlGY41ZlVQxa737fP

170 B
329 B

61ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58&google_hm=FvvZrGZHlGY41ZlVQxa737fP

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 02 Dec 2022 00:25:07 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZoGMx98Nx27NPKh7h9AeZZBgPS6JWBP-Z9RwaOso8YJco4IeTcEt1nHjortF3WlgiFy5VWY3bkmVDPzxZE66cUyy9Zyl58&google_hm=FvvZrGZHlGY41ZlVQxa737fP
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIhC_tQWymli7pG07vEbwLo&google_cver=1&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgyMTg1Nzk1MTMxOTcyNDYxNDA2&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr...

170 B
232 B

62ms
62ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgyMTg1Nzk1MTMxOTcyNDYxNDA2&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgyMTg1Nzk1MTMxOTcyNDYxNDA2&google_push=ASkJ3FbB9Qt8_uLXcGkj-Tam14S9yvf4Qc2X-fBxa5jR60CwpXZfK5mXK134qmpr_sdrXkZOkvdsTkQDFrVKODX3WdcQE1AXIXZ5
date: Fri, 02 Dec 2022 00:25:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 07AB 0
75 B 267ms
55ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMktfSDt9mfCndQUs3mXkmA&google_cver=1&google_push=ASkJ3FYSv7BVAY6mDtNGMp381qZwdEUvVhDi2j1yIggqURZ97ZYd3Jgr1piPGqIp_g7f2b5Bp1sDLdqqEd5sY15Rn0fXbE5rOKcU
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07AB
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECmgWJjwo...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECm...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=82ef57d0-280c-47d2-bf64-69bb409e1ca1&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

56ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=82ef57d0-280c-47d2-bf64-69bb409e1ca1&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=82ef57d0-280c-47d2-bf64-69bb409e1ca1&%%GOOGLE_PUSH_PAIR%%
date: Fri, 02 Dec 2022 00:25:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 07AB 0
223 B 179ms
52ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWIsIoMlo1xiazkQ485HyFeXYExMxu6JdGhRvq8yYIxBKvbLDKn-l_u59tQGwc-_OYIR_YmA

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 60AE 36 KB
16 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 06:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 06:19:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E35 0
0 92ms
87ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXteR4kWJY53WIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgTpAU_QBTCudInmgJ2G7p9h-qcvISh8d1NUpl-Z-YE4EGgAzFyilQEvmZMvTd3xbUoWsltiDR4Ebstf0yvzgMT1d6wrbNGImguprhe1MOyU-sIvq3z_5rkivSThagNxRyOKIF5KitXyHfvcLEk0iGgOj7cPqUuxqv_OdINcLcL0zDA8pDOdFP51PWK74BN-EDtt8i0ubAlvXWm-aBFOPUGziveoEaWmfbzD8AmwgMI2JL0H6p954gobE66eSg9FO0O4OlvQpbBraANqNj-65AAmOFRDRttR_0GXkxyL9QnrbxeVH7BL8WFejN6_4AQBgAbNusrh_py5zEGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=OQzmJDBd60o&uach_m=[UACH]&cid=CAQSOwDq26N9ZjuixdJyFcRoiRY_-rbYFae0zCu3Biv_bCRpkYb12rqqmCqZEOzBtPW2M0FE3rr7S3TSuvJ7GAEgEw
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4E35 0
0 162ms
55ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kr2KDok1rAL6AYf6VxgCAAAAYYiMxfWLKyvwFgItEOFFiWMguNZovH9p0C95AAASAAA&wp=Y4lF4gAIax0K4BixAAXgYs15agP7qUE_69C7Xg

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 448939
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CA6A 132 KB
46 KB 285ms
178ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIax0K4BixAAXgYs15agP7qUE_69C7Xg&u=%7CWhVuv7W5oSbJabk%2F3mdjCh8NMVCxNexhcK%2FxnivcquQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JgnSdNFhPFcrg-GnYlgAksr9Bl35yWIwaHVw2wy5KNDUZlHy1c5rivEMaBEMOdBuzcOAP3GWmuKprte1l2nkz9ynUu_bvjFx4tJcE_DfVh5_DeMe7AZg4GYRlhTX29QYpcum5QVjAizyMDhTfbsvcRHNVwj9XPpIppx4QBow1cCn0cGe2kJ21v-nYZQK7bYVbmjWx10fiIXnsQ5OkR6AlPKK40j6Zu0m25GtnvHwVletuuS62OALgpMrCVjXWfio9jWNBuWlCyU3N0cJaxV9XtgiMbFM5xQRbcdW0E1HEhEhqhd9Y3_C6q0Zi8jh_UaRC28Gq3WF6hmNvif0HjGPU2qZy3nNLJW1Pz6kX4XyXGCJWW49u_ZVFETbRdYEikxSBluSstDz0ZNNUhZ-m3DQjqhdxXsqkxD7qdzeQsn3Ep1XDoUvdrIuhG3eqRkZkoNRVVq-dfCxSf9VQRFdAgsd4Uf4F6AlYDlY2C5mpFrWZjmcspOE99U-QNuryhZxz5g77woGutTB69fdqJq25UbNJhSgRDIUE41BZ8OuLAcUYQgb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeeua4kWJY53WIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgTsAU_QBTCudInmgJ2G7p9h-qcvISh8d1NUpl-Z-YE4EGgAzFyilQEvmZMvTd3xbUoWsltiDR4Ebstf0yvzgMT1d6wrbNGImguprhe1MOyU-sIvq3z_5rkivSThagNxRyOKIF5KitXyHfvcLEk0iGgOj7cPqUuxqv_OdINcLcL0zDA8pDOdFP51PWK74BN-EDtt8i0ubAlvXWm-aBFOPUGziveoEaWmfbzD8AmwgMI2JL0H6p954gobE66eSg9FO0O4OlvQpfJpSZG5lM2_d_IpoNcn2nBS60srmTKTLodwC4s0oK5n6bDZZtssirDS4AQBgAbNusrh_py5zEGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ycWUc7hOyfPZtOhVsLi6hlcTCrw%26client%3Dca-pub-9138247653754533%26adurl%3D

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4bb0724887a6e02f3258b106c704ab082fe68b82cfd1a509d1fc7861037f0136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=x1or3ZsLZIlaRT_xTuZ_6PcrmDcLGuthyMusSGOd0lpdamNtO8TAQ5sWZAL333H2zLoJ_OlUWLeO0CSYXKLtPI_bE-XMVkoKAoLiKu6uQ8SGMcBNZNb5TfVp1Wl_J1GzaNCeYF9zbkew5kWivTL7tVza04F5gyZl5OvKQ0iYsL6hhIRuyB6iyhPFSrBFrzsdewh-XrhEy35EwhawmZP1NSnWMHDktqGGAqJr3eHt5x1vQ7d6TkDenOXkG5TP_KJaKYP5Dw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56439227
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4E35 3 KB
1 KB 165ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 14:38:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6A10 1 KB
643 B 48ms
44ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Fri, 02 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4E35 18 KB
7 KB 142ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 10:10:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4E35 24 KB
6 KB 152ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 00:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Nov 2023 00:03:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E35 155 KB
47 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 00:25:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F91B 0
0 93ms
90ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeWF64kWJY5zWIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgTlAU_QKKtDI32Fs6FgybG7GpRb47JtblZLEI9mX2tuHZwGCdItM15DYMmX2pTuTE0OAkQkak1yKkEwUt-Uw-tvTBWRB8TTsicp6Gf2O6s9m8I4rwFPwmRxmeZT_WYRC7Mw8gCG1mpIu7EyAb2kCHapL-uKyAdfQ5GZudUk9uus-sgRvxfo0zfqZKSHeaYcMZ2aYgrCMqi5QDT3eN_QPUtBX9DKVC3MLZEWuacauSOawC_uNY9v9DiYExjt12sW9vQscpnmho2th4bLBmya0YwCbDkiFUb8vAjsU_2QMzu8qiM5gv6OwBDgBAGABs26yuH-nLnMQaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=c3CYMM14p7A&uach_m=[UACH]&cid=CAQSOwDq26N9ZjuixdJyFcRoiRY_-rbYFae0zCu3Biv_bCRpkYb12rqqmCqZEOzBtPW2M0FE3rr7S3TSuvJ7GAEgEw
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F91B 0
0 139ms
39ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kr2KDok1rAL6AYf6VxgCAAAAYYiMxfWLKyvwFgItEOFFiWObclwHbp1QftKHPgASAAA&wp=Y4lF4gAIaxwK4BixAAXgYnsqO8ayJvrYHmbKVA

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 303952
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F710 132 KB
46 KB 203ms
104ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIaxwK4BixAAXgYnsqO8ayJvrYHmbKVA&u=%7CWhVuv7W5oSZFomS0aAAZSLJ7WZhJy8bmaCHi%2F%2F9bAfM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JmvL_GiJ0vDQDXpQzBIMlesBNwmAvmetDHn45adG7WJmjsQQLlc7iL_fyY2TR0aqXu5qPnJeHTS4Ls_IyqDvodqzUcE_ua-0jhP4hWw-60KUxj-KoInCDOn4EIqbnKgFfF019TzHbMxqbabp6giictUAFrE92CDlh4-jvol52BQcUFXSZ2nF5gemI466Kk_LE7s8i8FJGgyzt6VitH3CC_abxJiz_CaOI3uBZLO6n145-yKQFZdqFAbt4BIh09T5L7t_oA1U23Lu53ofDD9rL5QqDEsNU7vUMs044tr8k_Ho8eDYlwn_5qqPpPd3xt3MzrVeWo7C6dRtBGvvKdCfeK5ntmAovJR-Jsiyu286koYzDtVUzKIeXRjHYGOcDGB6QQHPaNePq61zK0HXPVwtexG7vy-F841tB0YlpBsqCoL4_D56RU-6-V2iMK6k6GllzH_GymiYdc0sUmDRPXhQXtLhpCRvgYEaebyuNtLdHij2yWXknaqepT3nkJ3jCTqRd5e8_8gw4pipq4UOiEp463avConrmBc05jpikEZ5_vLF&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ9E24kWJY5zWIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgToAU_QKKtDI32Fs6FgybG7GpRb47JtblZLEI9mX2tuHZwGCdItM15DYMmX2pTuTE0OAkQkak1yKkEwUt-Uw-tvTBWRB8TTsicp6Gf2O6s9m8I4rwFPwmRxmeZT_WYRC7Mw8gCG1mpIu7EyAb2kCHapL-uKyAdfQ5GZudUk9uus-sgRvxfo0zfqZKSHeaYcMZ2aYgrCMqi5QDT3eN_QPUtBX9DKVC3MLZEWuacauSOawC_uNY9v9DiYExjt12sW9vQsMJvHFF4PdYNY9GMCUuiexzo2H_r2khA33Wb0r5oDtA8hU3lkxYOmEDPgBAGABs26yuH-nLnMQaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VKSdeuFataJYQRPBlmLF59aSwDw%26client%3Dca-pub-9138247653754533%26adurl%3D

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f0279dc3f93ea0ccc5fc338721afef7b57c3c35a0030f3cd0f871542587b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=W6zJ6JsLZIlaRT_x38SKDBcwkTjxwJCyLSptKSwekAqbD4wPXcqanwf2ozVTlfBMPWlmS65STfe3ZW5-CjkCeRl53F9bYNJhhFnEZeOdmkuKs-qZE_5tod0cTi8UoR8he70t3gCbEBXNOU0o0JpgLfwz37P6AQGLd8RTB-se0dHqyU5G33ascmRl-LoPCkEBX2CkRIgyi8hT0kXx6mkHJkQn89sM6ZrSULzhZBL6pPI_NGR2S7zTckKJ7DkkgdTUoY07SQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52053643
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F91B 3 KB
1 KB 160ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 14:38:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 729B 1 KB
643 B 57ms
52ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Fri, 02 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F91B 18 KB
7 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F91B 0
0 63ms
59ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSQO4WJOaUuO_avxkwYYAZRFYsfj3ePyANkMlGbHYzusQ5SQlUIfQmQ7QXfKo4N1b9hpnuJn8ISujaLvasli4ry9ZjAw
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F91B 24 KB
6 KB 150ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 00:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Nov 2023 00:03:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F91B 155 KB
47 KB 73ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 00:25:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A10
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIhlS_DDPsG5Nnn7PC4uEXs&google_cver=1&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEiKHbKS2C5e56aR
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9A96254A26467AB7FCE4D8D767D741&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEi...

170 B
188 B

59ms
58ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9A96254A26467AB7FCE4D8D767D741&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEiKHbKS2C5e56aR

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F9A96254A26467AB7FCE4D8D767D741&google_push=ASkJ3FZEu5c0SkqIpBLfRVPrebY19SXK1EiklO4jvYweEMBGgO34Rf4Y4O0g0JZ5nzdE3xlFpdRbaGgEY_JPMEiKHbKS2C5e56aR
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 01 Dec 2022 00:25:07 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6A10 70 B
265 B 163ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECbR0X5H4gCTYNOwwl7nLeE&google_cver=1&google_push=ASkJ3FZTYS_NxcCjEW1AdHT6-s5o17OBTnF7w47rREThsioy6KqnFIJk8zEuVpVWegyQJpUtrPTi4CAIK5b62Je5wlNpK625GmUY
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6A10 0
173 B 162ms
47ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELrjkSvf3fyRogZaGS2uSmY&google_cver=1&google_push=ASkJ3FbtPxGAhtnLMBJA5O8Hosmw0zblSnzVvVv9DR-HN3hXpy--0OvKlWrlVjwcvZPuOYJ6OjXtjWnwbUh3hzwc9lgBPYsmPEDA
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A10
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcijEo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM0NzM3NTYzMDQ2ODM2NTk4OQ&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcij...

170 B
188 B

57ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM0NzM3NTYzMDQ2ODM2NTk4OQ&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcijEo4lXmHYblZPLJ1POvi4g

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM0NzM3NTYzMDQ2ODM2NTk4OQ&google_push=ASkJ3FafOQXb-6hh0_MdIywbe9EavT1ohympp92JPNWHW_S2sm1Ub_fP23vVTb4i2IwNe9XtdkYcijEo4lXmHYblZPLJ1POvi4g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6A10 0
12 B 157ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYCitXU2hvixIlQzGkkt9LtQfCsPlYcJIa3ftnOX-nds36hyC7

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F710 2 KB
1 KB 138ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIaxwK4BixAAXgYnsqO8ayJvrYHmbKVA&u=%7CWhVuv7W5oSZFomS0aAAZSLJ7WZhJy8bmaCHi%2F%2F9bAfM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JmvL_GiJ0vDQDXpQzBIMlesBNwmAvmetDHn45adG7WJmjsQQLlc7iL_fyY2TR0aqXu5qPnJeHTS4Ls_IyqDvodqzUcE_ua-0jhP4hWw-60KUxj-KoInCDOn4EIqbnKgFfF019TzHbMxqbabp6giictUAFrE92CDlh4-jvol52BQcUFXSZ2nF5gemI466Kk_LE7s8i8FJGgyzt6VitH3CC_abxJiz_CaOI3uBZLO6n145-yKQFZdqFAbt4BIh09T5L7t_oA1U23Lu53ofDD9rL5QqDEsNU7vUMs044tr8k_Ho8eDYlwn_5qqPpPd3xt3MzrVeWo7C6dRtBGvvKdCfeK5ntmAovJR-Jsiyu286koYzDtVUzKIeXRjHYGOcDGB6QQHPaNePq61zK0HXPVwtexG7vy-F841tB0YlpBsqCoL4_D56RU-6-V2iMK6k6GllzH_GymiYdc0sUmDRPXhQXtLhpCRvgYEaebyuNtLdHij2yWXknaqepT3nkJ3jCTqRd5e8_8gw4pipq4UOiEp463avConrmBc05jpikEZ5_vLF&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ9E24kWJY5zWIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgToAU_QKKtDI32Fs6FgybG7GpRb47JtblZLEI9mX2tuHZwGCdItM15DYMmX2pTuTE0OAkQkak1yKkEwUt-Uw-tvTBWRB8TTsicp6Gf2O6s9m8I4rwFPwmRxmeZT_WYRC7Mw8gCG1mpIu7EyAb2kCHapL-uKyAdfQ5GZudUk9uus-sgRvxfo0zfqZKSHeaYcMZ2aYgrCMqi5QDT3eN_QPUtBX9DKVC3MLZEWuacauSOawC_uNY9v9DiYExjt12sW9vQsMJvHFF4PdYNY9GMCUuiexzo2H_r2khA33Wb0r5oDtA8hU3lkxYOmEDPgBAGABs26yuH-nLnMQaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1VKSdeuFataJYQRPBlmLF59aSwDw%26client%3Dca-pub-9138247653754533%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame F710 2 KB
1 KB 134ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F710 308 B
636 B 119ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F710 293 B
621 B 118ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame F710 43 B
348 B 253ms
46ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LjEK5fBstzTr3IMs025G8JGlVFdu6vyDwG8uHh4aEmeBpiJmFO452ovDyNuaGd9GgJqVMMNED0dhPv_NMjUyeZcX-ih6DINfheqSXLyJLXZiw3sVNKmv1UdA0ZKRSMDTkhAVS7kTlL4AMGwf8Top9hM9b1o-zjSMokOsWbzaxkxJykjahsOpPs2BgRU6MIuViFS2Va_DEEFrBph_QB0wcupA1I4eiOYx37k1LyU1Jix6t-muGA5YjLjBQD_CYSD92hwooR2Ep2z_aw3_j8vwmmg2cQ_K6kz1nIcAuawivISh-iaRBsmK2u4iKXntBoZ-Hhz1eVFuV5xPTRYWP4VOvB8-8ehPDUN1DrwvTQB0WhBGlz5vlVN2c6N_5pcAoWPbH9hJ6F2EBe8kktfAbBfR5EmMzR5j4GWn2lokCxeEaOvj8jsQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2681763
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 729B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIhlS_DDPsG5Nnn7PC4uEXs&google_cver=1&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8NvgKTaTNLtfyuLg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=399D6E80F9B949FBB4C6CFFB23B25D71&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8...

170 B
188 B

61ms
60ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=399D6E80F9B949FBB4C6CFFB23B25D71&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8NvgKTaTNLtfyuLg

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=399D6E80F9B949FBB4C6CFFB23B25D71&google_push=ASkJ3FbLe3eTASnkNBAavNxR5GcuR38yW1hm4y-zd-o22X1r3pxR8zBG7utS2MaYzLdgggGyI8mrjMwDyFQQrT8NvgKTaTNLtfyuLg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 01 Dec 2022 00:25:07 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 729B 70 B
264 B 108ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECbR0X5H4gCTYNOwwl7nLeE&google_cver=1&google_push=ASkJ3FYjseJP_-lfbXxa2WDGqC8pAd6BjUj-7K3oNB-VacLJWeTzjYmvbc0liaH5xs-kV8sWhaK9NbqyVW3lduypJQBIqEsJSOeX
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 729B 0
120 B 107ms
48ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELrjkSvf3fyRogZaGS2uSmY&google_cver=1&google_push=ASkJ3FYRlz9wPMESIow7Yoa3qwWu4lb5-BwybEy-P8T3aPcAmb-jaYT7y9kQ2YLkh1VUtDf3hhcmIs8rb7k0WKDy81vagoOuQLT-yw
Requested by: Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 729B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJzLyfSZmzv1PyDvKPlm0wM&google_cver=1&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibeZ7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3MzA5NjA4NjY4NjM3MDMxOQ&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibe...

170 B
188 B

62ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3MzA5NjA4NjY4NjM3MDMxOQ&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibeZ79fxRyi8cHNiDDkrmiqYnbA

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI3MzA5NjA4NjY4NjM3MDMxOQ&google_push=ASkJ3FbRtv4LqQxObOGoiCjA0yir2Byhi8NTf5P72TQX7ZXlI64LlLT--c4GW4ku1Newkxu3wTUibeZ79fxRyi8cHNiDDkrmiqYnbA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 729B 0
12 B 103ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkmHZCozy33JV-nCsZmCeJhzrCd--QDADZF1lkB-IcvLJgFsaI

Requested by

Host: f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F710 12 KB
5 KB 122ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1828854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7eOWCpJoZgq%2FcZ%2FQJKIjVQg5RdZO4434WSJsKSPXifQPSdGGGpcBSo5h02Spr%2Ftk4QUhummXDepREA6PJFI8ugm8XASYoAcDOklt8vRUrhTQwKL6DGmc1Vl8agP9PohbWoL%2B%2FFznRJ%2F%2Fp7yg3XJx1Yn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 772fec6d6ce57443-LHR
expires: Wed, 22 Nov 2023 00:25:07 GMT

GET
DATA 200
OK truncated
/ Frame 4E35 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d90b19869f4eba812106321c0d36dac002f47ee365fd576eddfbe30669b37542

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F91B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4059271d91a7b19b016da1c29859cfbf6ba5137f88c16ff6e02a42a5d46359

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame A54B 751 B
1 KB 123ms
123ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.547.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 197a48b7946b972c440104a8b4877a5cd5f99e807de5f6fd416ccdec610f35db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CA6A 2 KB
1 KB 42ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4lF4gAIax0K4BixAAXgYs15agP7qUE_69C7Xg&u=%7CWhVuv7W5oSbJabk%2F3mdjCh8NMVCxNexhcK%2FxnivcquQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SCGuuGj9HePzfqrp3FK16JgnSdNFhPFcrg-GnYlgAksr9Bl35yWIwaHVw2wy5KNDUZlHy1c5rivEMaBEMOdBuzcOAP3GWmuKprte1l2nkz9ynUu_bvjFx4tJcE_DfVh5_DeMe7AZg4GYRlhTX29QYpcum5QVjAizyMDhTfbsvcRHNVwj9XPpIppx4QBow1cCn0cGe2kJ21v-nYZQK7bYVbmjWx10fiIXnsQ5OkR6AlPKK40j6Zu0m25GtnvHwVletuuS62OALgpMrCVjXWfio9jWNBuWlCyU3N0cJaxV9XtgiMbFM5xQRbcdW0E1HEhEhqhd9Y3_C6q0Zi8jh_UaRC28Gq3WF6hmNvif0HjGPU2qZy3nNLJW1Pz6kX4XyXGCJWW49u_ZVFETbRdYEikxSBluSstDz0ZNNUhZ-m3DQjqhdxXsqkxD7qdzeQsn3Ep1XDoUvdrIuhG3eqRkZkoNRVVq-dfCxSf9VQRFdAgsd4Uf4F6AlYDlY2C5mpFrWZjmcspOE99U-QNuryhZxz5g77woGutTB69fdqJq25UbNJhSgRDIUE41BZ8OuLAcUYQgb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeeua4kWJY53WIbGxgAfiwJfADeSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTkxMzgyNDc2NTM3NTQ1MzPIAQmpAl4u4D5Ai7Q-4AIAqAMBqgTsAU_QBTCudInmgJ2G7p9h-qcvISh8d1NUpl-Z-YE4EGgAzFyilQEvmZMvTd3xbUoWsltiDR4Ebstf0yvzgMT1d6wrbNGImguprhe1MOyU-sIvq3z_5rkivSThagNxRyOKIF5KitXyHfvcLEk0iGgOj7cPqUuxqv_OdINcLcL0zDA8pDOdFP51PWK74BN-EDtt8i0ubAlvXWm-aBFOPUGziveoEaWmfbzD8AmwgMI2JL0H6p954gobE66eSg9FO0O4OlvQpfJpSZG5lM2_d_IpoNcn2nBS60srmTKTLodwC4s0oK5n6bDZZtssirDS4AQBgAbNusrh_py5zEGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ycWUc7hOyfPZtOhVsLi6hlcTCrw%26client%3Dca-pub-9138247653754533%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame CA6A 2 KB
1 KB 43ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CA6A 308 B
636 B 91ms
87ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CA6A 293 B
621 B 91ms
88ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame CA6A 43 B
347 B 127ms
47ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1pUS0_BstzTr3IMs025G8JGlVFfgVfokj5ha4kEZo69Lbrws9e32KrYCsR_tqiwKsPmonxLbGJ467DUaF9d3_pikrMfjd0N-h_suBm6wceWp288U9ZRV6_LDz-fTBdF5UBAtnvgeyP3Z9LzzzvQKRaOItghIKAE22O5z30jYbc6eSxLmAKycNUpfm8rotvi4Gcv8g5CBsytHHTDdM5sgGCLB9xNe9JJDx-fFUfQLFhEHaU69EgeHIZhpxiocr8Vb7Qrkt8kH6mwyaecSmGeXD0O0xNlEOCJNhsjzWwI4MKZXx6UXPBm0GBSmPqTq3ZhIhXMrN1_fuRK6o0KpBDbiKqq1MHM3XBek4nsLc4eROuug3CXfWk--AUVQ7a-lQMl9dMMHGkokW82ZyCbrLjOeEzDP7U2ovW3eIGK6CMMu7v8uLuKh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3155835
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F710 12 KB
6 KB 77ms
77ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 0832836b4097473492e91e5cb1e4ee69_cpn_300x250_1.jpeg
static.criteo.net/design/dt/27605/221125/ Frame F710 58 KB
58 KB 63ms
61ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/27605/221125/0832836b4097473492e91e5cb1e4ee69_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7c3ccd17975c100ed8bd397a164d2bc1daa66b6383ae09f1108bf7ec794e568f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 25 Nov 2022 14:58:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6380d816-e86a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 59498
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F710 5 KB
5 KB 197ms
91ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=27605&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F57331%2F200109%2F395df197ab7e4ee6ab454e0bf899017e_toast_logo.png&v=3&w=596&s=_FDbrnRz2z4NT6BcM3bm20pH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

be8e142a463eb19dec1798fb9abdd01e01a91b5d759625acba0a198463008f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30865338
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4931
expires: Fri, 24 Nov 2023 06:07:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F710 15 KB
15 KB 166ms
61ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=27605&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5050%2F5250%2Fproducts%2FHXMSW24_multi.jpg&v=3&w=400&s=D0IzV5-XVm547NC1XO2oLUMK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

242abd0bf978a4bda9036b4697baa0da7087efdae875a50e812fca61531b3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31322335
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15044
expires: Wed, 29 Nov 2023 13:04:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F710 0
128 B 149ms
45ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=W6zJ6JsLZIlaRT_x38SKDBcwkTjxwJCyLSptKSwekAqbD4wPXcqanwf2ozVTlfBMPWlmS65STfe3ZW5-CjkCeRl53F9bYNJhhFnEZeOdmkuKs-qZE_5tod0cTi8UoR8he70t3gCbEBXNOU0o0JpgLfwz37P6AQGLd8RTB-se0dHqyU5G33ascmRl-LoPCkEBX2CkRIgyi8hT0kXx6mkHJkQn89sM6ZrSULzhZBL6pPI_NGR2S7zTckKJ7DkkgdTUoY07SQ&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F710 2 KB
1 KB 113ms
111ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F710 2 KB
1 KB 104ms
104ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CA6A 12 KB
5 KB 85ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 19268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yj%2Bfgg5P7cNRVRdUzVAYcH8IMaWL198cczW4OG43zHv%2BQcs3a0z826Q4HLZkycSY%2BgxLmV9TJ8dRNkX1RXe%2FbuLhKmouYc%2BctUS%2FF40ouh86QBGWWc49yyGaWf82%2BJBi%2Bw8cdffxlar%2BgLyM7WtNWKd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 772fec6e089dd178-LHR
expires: Wed, 22 Nov 2023 00:25:07 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CA6A 12 KB
6 KB 88ms
88ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 72ms
72ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Fri, 02 Dec 2022 00:25:06 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 0832836b4097473492e91e5cb1e4ee69_cpn_300x250_1.jpeg
static.criteo.net/design/dt/27605/221125/ Frame CA6A 58 KB
58 KB 65ms
55ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/27605/221125/0832836b4097473492e91e5cb1e4ee69_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7c3ccd17975c100ed8bd397a164d2bc1daa66b6383ae09f1108bf7ec794e568f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 25 Nov 2022 14:58:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6380d816-e86a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 59498
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CA6A 5 KB
5 KB 71ms
62ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

be8e142a463eb19dec1798fb9abdd01e01a91b5d759625acba0a198463008f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30865338
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4931
expires: Fri, 24 Nov 2023 06:07:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CA6A 15 KB
15 KB 112ms
103ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

242abd0bf978a4bda9036b4697baa0da7087efdae875a50e812fca61531b3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31322335
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15044
expires: Wed, 29 Nov 2023 13:04:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CA6A 0
127 B 53ms
45ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=x1or3ZsLZIlaRT_xTuZ_6PcrmDcLGuthyMusSGOd0lpdamNtO8TAQ5sWZAL333H2zLoJ_OlUWLeO0CSYXKLtPI_bE-XMVkoKAoLiKu6uQ8SGMcBNZNb5TfVp1Wl_J1GzaNCeYF9zbkew5kWivTL7tVza04F5gyZl5OvKQ0iYsL6hhIRuyB6iyhPFSrBFrzsdewh-XrhEy35EwhawmZP1NSnWMHDktqGGAqJr3eHt5x1vQ7d6TkDenOXkG5TP_KJaKYP5Dw&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CA6A 2 KB
1 KB 67ms
64ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CA6A 2 KB
1 KB 69ms
67ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 00:25:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F710 3 KB
566 B 74ms
73ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CArvo:400%7CPT+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3574dd2ed97ae8c6bbedd848ab0de559793581a095f15ade9090ab8147982b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:25:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CA6A 3 KB
566 B 61ms
61ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3574dd2ed97ae8c6bbedd848ab0de559793581a095f15ade9090ab8147982b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:25:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F710 15 KB
15 KB 41ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

242abd0bf978a4bda9036b4697baa0da7087efdae875a50e812fca61531b3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31322335
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15044
expires: Wed, 29 Nov 2023 13:04:02 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame F710 23 KB
23 KB 137ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CArvo:400%7CPT+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 199073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame F710 23 KB
23 KB 137ms
48ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 199073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame F710 44 KB
44 KB 220ms
135ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 104315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:26:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CA6A 15 KB
15 KB 45ms
45ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

242abd0bf978a4bda9036b4697baa0da7087efdae875a50e812fca61531b3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31322335
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15044
expires: Wed, 29 Nov 2023 13:04:02 GMT

GET
H3 200 tDbD2oWUg0MKqScQ7Q.woff2
fonts.gstatic.com/s/arvo/v20/ Frame F710 17 KB
17 KB 177ms
116ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:11:03 GMT
x-content-type-options: nosniff
age: 263644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17300
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:36:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:11:03 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame CA6A 23 KB
23 KB 123ms
65ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 199073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame CA6A 23 KB
23 KB 141ms
83ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 199073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 tDbD2oWUg0MKqScQ7Q.woff2
fonts.gstatic.com/s/arvo/v20/ Frame CA6A 17 KB
17 KB 186ms
128ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:11:03 GMT
x-content-type-options: nosniff
age: 263644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17300
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:36:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:11:03 GMT

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame CA6A 44 KB
44 KB 199ms
141ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 104315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:26:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 41ms
41ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 00:25:08 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 121ms
43ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 00:25:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F91B 42 B
64 B 171ms
80ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPcxpawohq7sXRFMlXqghg161NQAXeOLRKxunIY3RmqA1dr0N2Pz0rXrpKwH1qDe6EZjy5BPbgQtOFSiGBaGpqXUq1&sig=Cg0ArKJSzLKK_AthdfXUEAE&cid=CAASF-RoXAB7lG5R103CBV0wTBGJT9auTZjP&id=lidar2&mcvt=1001&p=701,299,951,599&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=695559250&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669940706963&rpt=426&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F710 0
127 B 40ms
40ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 137ms
43ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1plus1.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 00:25:08 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 448138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=1EPauXxxa3BJR05FKzBPRnFxVEJ6ZjE3YkpzWURGUXZRUm9TdFdQd3RYc01RUzlUOVQweldlMHJQMTJXdkFuZW1uVUlweFpJaHlubzJiQnlsUGhmV2k3c1p6NEVTZG1iWFY3dVIwR3lKS1RCU1grdzR0Rnl5bmJoa3c5OD...

359 B
648 B

131ms
51ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1EPauXxxa3BJR05FKzBPRnFxVEJ6ZjE3YkpzWURGUXZRUm9TdFdQd3RYc01RUzlUOVQweldlMHJQMTJXdkFuZW1uVUlweFpJaHlubzJiQnlsUGhmV2k3c1p6NEVTZG1iWFY3dVIwR3lKS1RCU1grdzR0Rnl5bmJoa3c5ODJsOVVyMEQvSldPN091MGhCaFhXYW9MWjVMYk14SlRld2p1ZVd5L3M4Rm1yRXh4YmZuTTY3dXVuTWZoYlhhQktiNDNFcC9xem4wOGRsMHNqZzQ0dTkxcEh5ZFlzZHJDWGdjL3phUk9pdnd6emFtMVVmakhBPXw&cppv=2

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02209cb2ab911af5902e32f2c095cde5ba4c17106dff335c3e3ea8a9b2d263f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 983293
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=1EPauXxxa3BJR05FKzBPRnFxVEJ6ZjE3YkpzWURGUXZRUm9TdFdQd3RYc01RUzlUOVQweldlMHJQMTJXdkFuZW1uVUlweFpJaHlubzJiQnlsUGhmV2k3c1p6NEVTZG1iWFY3dVIwR3lKS1RCU1grdzR0Rnl5bmJoa3c5ODJsOVVyMEQvSldPN091MGhCaFhXYW9MWjVMYk14SlRld2p1ZVd5L3M4Rm1yRXh4YmZuTTY3dXVuTWZoYlhhQktiNDNFcC9xem4wOGRsMHNqZzQ0dTkxcEh5ZFlzZHJDWGdjL3phUk9pdnd6emFtMVVmakhBPXw&cppv=2
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 682141
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
538 B 173ms
46ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 / Show response
spl.zeotap.com/ Frame DBE8 8 KB
2 KB 165ms
63ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e112a1e6eef1a5986c8b055651ef1febb6ecbe7026cf240d366f092adf1fd59

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://1plus1.ua
cf-cache-status: DYNAMIC
cf-ray: 772fec7ac8717743-LHR
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 00:25:09 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B5EF 15 KB
6 KB 169ms
47ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=35734
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 00:25:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3ADB 15 KB
6 KB 166ms
49ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=35734
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 00:25:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame AA58 0
0 47ms
45ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1669940706186&gdpr=0

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 6E8E 666 B
727 B 125ms
101ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f7677e5ae3fe68bc5bf68e616917c6786d003a41f7e15c5170ed1d4e4a0bc702

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 417
content-type: text/html
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DBD7 281 B
554 B 156ms
47ms Document
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 00:25:09 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6E8E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c29d6389-45e6-4c00-87bf-4c95e804e09b

43 B
61 B

38ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c29d6389-45e6-4c00-87bf-4c95e804e09b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 02 Dec 2022 00:25:10 GMT
Server: MT3 180 1fd3e2d master hkg-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c29d6389-45e6-4c00-87bf-4c95e804e09b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Dec 2022 00:25:09 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6E8E
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5OIlLubkeCL_syku4OcwLuayfCT_6C1z5ueCn9qv

43 B
61 B

45ms
45ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5OIlLubkeCL_syku4OcwLuayfCT_6C1z5ueCn9qv
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5OIlLubkeCL_syku4OcwLuayfCT_6C1z5ueCn9qv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6E8E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4273096086686370319

43 B
61 B

77ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4273096086686370319
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4273096086686370319
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6E8E 70 B
264 B 46ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=f275c575-65a2-7e97-f7db-57804cca5277&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6E8E 170 B
188 B 58ms
57ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGUxYTE2YmYtYWNkNS0yMDMzLWUyM2ItMGQzOTg2Mjg5YzE3

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6E8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdLZhyO71LVKkY9cxibZvk&google_cver=1

43 B
122 B

49ms
42ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdLZhyO71LVKkY9cxibZvk&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdLZhyO71LVKkY9cxibZvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
396 B 147ms
45ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

c389ecb0fc27eecbd0a6630ec11c657d1166692c028e2d281009e4cd7a11700b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame DBE8 0
0 146ms
43ms Image
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DBE8 170 B
188 B 55ms
54ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=cf467396-d9c1-44b2-abe4-93e2ddf3b92d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a...

95 B
152 B

64ms
63ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=cf467396-d9c1-44b2-abe4-93e2ddf3b92d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7ceb8c7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=cf467396-d9c1-44b2-abe4-93e2ddf3b92d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame DBE8 0
330 B 58ms
52ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DBE8 70 B
264 B 50ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbfe1a-6e19-44c7-6553-04cd5581b608%26reqId%3D583c220e-32cb-441a-4615-024fde474210%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame DBE8 0
165 B 699ms
302ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 85
date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1669940710.144993,VS0,VE85
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-bog2260036-BOG

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame DBE8 0
411 B 604ms
112ms Image
text/html 2600:1f18:6593:f601:611c:90e2:c181:1fe2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f601:611c:90e2:c181:1fe2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A023427D-3228-4944-A5FB-0AC132CF716F&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c22...

95 B
152 B

58ms
50ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A023427D-3228-4944-A5FB-0AC132CF716F&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7c7aef7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A023427D-3228-4944-A5FB-0AC132CF716F&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
date: Fri, 02 Dec 2022 00:25:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=136...
https://mwzeom.zeotap.com/mw?cid=7ca7f275-5f2c-4967-ae67-c8da5b9edf1d&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
175 B

46ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7ca7f275-5f2c-4967-ae67-c8da5b9edf1d&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7decdc7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=7ca7f275-5f2c-4967-ae67-c8da5b9edf1d&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=84777943709590018511959855765117311712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-...

95 B
152 B

49ms
48ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=84777943709590018511959855765117311712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7d2bd27743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: kVqgHirlRMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=84777943709590018511959855765117311712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame DBE8 0
324 B 228ms
43ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7172340731431090325&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-...

95 B
152 B

54ms
47ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7172340731431090325&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7c7af37743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7172340731431090325&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Date: Fri, 02 Dec 2022 00:25:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame DBE8
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608

95 B
122 B

83ms
42ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4afbfe1a-6e19-44c7-6553-04cd5581b608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4afbfe1a-6e19-44c7-6553-04cd5581b608&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4afbfe1a-6e19-44c7-6553-04cd5581b608&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=0XwpFPu6rJENCXGvrHUA0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-44...

95 B
152 B

48ms
47ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=0XwpFPu6rJENCXGvrHUA0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7decd97743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
last-modified: Fri, 02 Dec 2022 00:25:10 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=0XwpFPu6rJENCXGvrHUA0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553...
https://mwzeom.zeotap.com/mw?cid=

95 B
152 B

50ms
49ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7e8dae7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 404 tpid=4afbfe1a-6e19-44c7-6553-04cd5581b608
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame DBE8 49 B
265 B 153ms
55ms Image
image/gif 52.49.181.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4afbfe1a-6e19-44c7-6553-04cd5581b608?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.9
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-NMxkK_JE2oqPWl3jygP2R.5wZlm6tb5evQ--~A&zpartnerid=570&env=mWeb

95 B
152 B

53ms
53ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-NMxkK_JE2oqPWl3jygP2R.5wZlm6tb5evQ--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7e3d5d7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-NMxkK_JE2oqPWl3jygP2R.5wZlm6tb5evQ--~A&zpartnerid=570&env=mWeb
date: Fri, 02 Dec 2022 00:25:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAstvR8ybr1dgTZCfYTih72yK%2BS41iYitP1U%3D

95 B
152 B

56ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAstvR8ybr1dgTZCfYTih72yK%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7e1d2e7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAstvR8ybr1dgTZCfYTih72yK%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame DBE8 43 B
356 B 145ms
45ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=4afbfe1a-6e19-44c7-6553-04cd5581b608&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame DBE8 0
338 B 178ms
42ms Image
text/plain 52.209.49.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.49.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-49-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1669940710
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame DBE8 95 B
359 B 176ms
54ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Fri, 02 Dec 2022 00:25:10 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4lF4wAAAI5sjQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024...

95 B
152 B

57ms
48ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4lF4wAAAI5sjQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7c7aec7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-lcy-eglc8600058-LCY
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1669940710.678417,VS0,VE78
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4lF4wAAAI5sjQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame DBE8 0
208 B 240ms
136ms Image
text/plain 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: BdkINxY21hSmvAWR9Akl6oy2gVeWIpsOGRcmqlEHhyNz-PFmQnwAsw==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DBE8
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde47...

0
337 B

43ms
43ms

Image
text/plain

52.209.49.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.209.49.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-49-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1669940710
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
date: Fri, 02 Dec 2022 00:25:10 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame DBE8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-655...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-655...

43 B
568 B

115ms
115ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M4HM6XC4RGQFEG5FSZCK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RKFD2XQER9RGT7M1DCZF
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4afbfe1a-6e19-44c7-6553-04cd5581b608&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame DBE8 0
145 B 361ms
227ms Image
text/plain 23.3.108.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=4afbfe1a-6e19-44c7-6553-04cd5581b608&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.108.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-108-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4afbf...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361

95 B
152 B

48ms
47ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec80581c7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
date: Fri, 02 Dec 2022 00:25:10 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=4afbfe1a-6e19-44c7-6553-04cd5581b608&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581...
https://mwzeom.zeotap.com/mw?cid=LB5RKVJ8-23-44X2&env=mWeb&zpartnerid=1770&gdpr=0

95 B
152 B

102ms
100ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=LB5RKVJ8-23-44X2&env=mWeb&zpartnerid=1770&gdpr=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7f2e9a7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LB5RKVJ8-23-44X2&env=mWeb&zpartnerid=1770&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBE8
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=4afbfe1a-6e19-44c7-6553-04cd5581b608&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
https://mwzeom.zeotap.com/mw?cid=82ef57d0-280c-47d2-bf64-69bb409e1ca1&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e1...

95 B
180 B

60ms
49ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=82ef57d0-280c-47d2-bf64-69bb409e1ca1&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7bd9f57743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=82ef57d0-280c-47d2-bf64-69bb409e1ca1&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DBE8 95 B
152 B 46ms
46ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 772fec7ede177743-LHR
access-control-allow-headers: *
content-length: 95

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DBD7 34 KB
10 KB 48ms
47ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71065
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:09:34 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B5EF 5 KB
6 KB 106ms
33ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33102253&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c8126360c418d4176fc30c65b2b8f6049b058de30e93781ee8a0242ec40b2515

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 186ms
39ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 240052
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
619 B 137ms
45ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19328/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

10bac39a1620e27d595891dd662e2e953d70d5354ad0e40dd2dc85bee59bd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 2667 35 B
468 B 54ms
53ms Document
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=A023427D-3228-4944-A5FB-0AC132CF716F&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 02 Dec 2022 00:25:09 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C5B9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&gdpr=0&gdpr_consent=

42 B
327 B

36ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 02 Dec 2022 00:25:10 GMT
Expires: Fri, 02 Dec 2022 00:25:09 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master hkg-pixel-x19 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8BD4
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8061416846806079050

42 B
274 B

35ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8061416846806079050
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8061416846806079050
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 0B2C 43 B
363 B 137ms
41ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:09 GMT
expires: Fri, 02 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 672591
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 9DDA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

199ms
198ms

Document
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 00:25:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Q39BWMQZK7E5G0NQ6FDF

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 02 Dec 2022 00:25:09 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DPV1C5SZRRJAKK38VA64

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0A48
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4315024596449037830&gdpr=0&gdpr_consent=

42 B
218 B

34ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4315024596449037830&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: c8de48be-b0d2-47f3-9fa0-fa888ab439a7
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 00:25:09 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4315024596449037830&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 510A
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw

42 B
575 B

106ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 02 Dec 2022 00:25:09 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E27E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172340731432269973&gdpr=0&gdpr_consent=

42 B
219 B

88ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172340731432269973&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 02 Dec 2022 00:25:09 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172340731432269973&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 688A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YgfOmiPyT-NRJ6UO_zX2ftmKxGo

42 B
378 B

37ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YgfOmiPyT-NRJ6UO_zX2ftmKxGo
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 00:25:10 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YgfOmiPyT-NRJ6UO_zX2ftmKxGo

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4431
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMTJrN0hFb3dBQUNES3FKVGxrdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD12k7HEowAACDKqJTlkw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5231574121756514718&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD12k7HEowAACDKqJTlkw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5231574121756514718%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5231574121756514718&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAD12k7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD12k7HEowAACDKqJTlkw&gdpr=0&gdpr_consent=

42 B
199 B

34ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD12k7HEowAACDKqJTlkw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 02 Dec 2022 00:25:10 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD12k7HEowAACDKqJTlkw&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 331D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4lF4wAAAI5sjQAF&gdpr=0&gdpr_consent=

1 B
450 B

119ms
33ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4lF4wAAAI5sjQAF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 02 Dec 2022 00:25:09 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4lF4wAAAI5sjQAF&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600058-LCY
x-timer: S1669940710.813781,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3505
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

0
74 B

35ms
34ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 02 Dec 2022 00:25:09 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server: _

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 770A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
424 B

260ms
249ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 772fec7e1d1275b1-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 772fec7cebdd75b1-LHR
content-type: text/html
date: Fri, 02 Dec 2022 00:25:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1234

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame D78F 43 B
277 B 261ms
64ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 00:25:10 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-cb47308e89ef@version_1.531
X-core-time: 1ms
X-server-arch: v2

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame BEC8
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669940709907
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7740149536

70 B
264 B

58ms
57ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7740149536
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 02 Dec 2022 00:25:09 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 02 Dec 2022 00:25:09 GMT
etag: RX910ab48047dc4aeebf6fc4160b889e04003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7740149536
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame B645 0
0 353ms
110ms Document
text/plain 5.161.54.172
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

static.172.54.161.5.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 02 Dec 2022 00:25:10 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/ Frame 3039
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...

49 B
265 B

55ms
45ms

Document
image/gif

52.49.181.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabXnSRYSVggjYRQb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Fri, 02 Dec 2022 00:25:10 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.25.112

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabXnSRYSVggjYRQb

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame F12C 43 B
283 B 175ms
53ms Document
image/gif 72.251.241.206
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Fri, 02 Dec 2022 00:25:09 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-4

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B5EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oCNCfTIoSUSl-wrBMs9xbw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

49ms
48ms

Image
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=35734
accept-ranges: bytes
content-length: 5549
expires: Fri, 02 Dec 2022 10:20:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ea826389-45e6-4100-b681-37312860ea11

0
48 B

38ms
35ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ea826389-45e6-4100-b681-37312860ea11
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 02 Dec 2022 00:25:10 GMT
Server: MT3 180 1fd3e2d master hkg-pixel-x11 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ea826389-45e6-4100-b681-37312860ea11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Dec 2022 00:25:09 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame B5EF
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=A023427D-3228-4944-A5FB-0AC132CF716F&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6c9d3a7c43f9ca98ed044a4d899aeb16&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

45ms
44ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAyMzQyN0QtMzIyOC00OTQ0LUE1RkItMEFDMTMyQ0Y3MTZG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

83ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELl4IgrQ1Lt1qm36sC_nB1g&google_cver=1

42 B
295 B

83ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELl4IgrQ1Lt1qm36sC_nB1g&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELl4IgrQ1Lt1qm36sC_nB1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B5EF 43 B
409 B 53ms
40ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 01 Dec 2022 00:25:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4273096086686370319

42 B
237 B

78ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4273096086686370319
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4273096086686370319
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B5EF 70 B
264 B 55ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=82ef57d0-280c-47d2-bf64-69bb409e1ca1
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=82ef57d0-280c-47d2-bf64-69bb409e1ca1
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3ebe5a5f-d8a1-43e7-b6ec-5c3049378157&user_group=1&ssp=pubmatic&bsw_param=82ef57d0-280c-47d2-bf64-69bb409e1ca1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ef57d0-280c-47d2-bf64-69bb409e1ca1&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

34ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ef57d0-280c-47d2-bf64-69bb409e1ca1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=82ef57d0-280c-47d2-bf64-69bb409e1ca1&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 A023427D-3228-4944-A5FB-0AC132CF716F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B5EF 43 B
426 B 188ms
61ms Image
image/gif 2a05:d018:d29:3605:2eda:8ed6:2a73:2027
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/A023427D-3228-4944-A5FB-0AC132CF716F?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:2eda:8ed6:2a73:2027 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A023427D-3228-4944-A5FB-0AC132CF716F&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v.Tx1JxE2uXckjPFGJuRmiGWNXaE.uA-~A&gdpr=0&gdpr_consent=

0
260 B

116ms
34ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v.Tx1JxE2uXckjPFGJuRmiGWNXaE.uA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v.Tx1JxE2uXckjPFGJuRmiGWNXaE.uA-~A&gdpr=0&gdpr_consent=
date: Fri, 02 Dec 2022 00:25:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame B5EF 0
104 B 213ms
90ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A023427D-3228-4944-A5FB-0AC132CF716F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B5EF 0
191 B 123ms
36ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8454689773244634111&gdpr=0&gdpr_consent=&us_privacy=

1 B
176 B

34ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8454689773244634111&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8454689773244634111&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a5a6b47-db12-4cf3-b25f-ba3287173543&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

33ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a5a6b47-db12-4cf3-b25f-ba3287173543&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3a5a6b47-db12-4cf3-b25f-ba3287173543&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 02 Dec 2022 00:25:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B5EF
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4315024596449037830

42 B
95 B

35ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4315024596449037830
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
AN-X-Request-Uuid: 2e872dcf-1494-4751-a6f1-612f2e98437d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4315024596449037830
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DBD7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MsdSBcd-Rpu93j7A0cNRQA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MsdSBcd-Rpu93j7A0cNRQA&gdpr=0

43 B
479 B

124ms
124ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MsdSBcd-Rpu93j7A0cNRQA&gdpr=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZC87HHVQ7Q5APW2XB940
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MsdSBcd-Rpu93j7A0cNRQA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DBD7
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5RKVJ8-23-44X2&gdpr=0

0
706 B

276ms
204ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5RKVJ8-23-44X2&gdpr=0
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6C98638D01D543E0BCC7B10FE4E59D69 Ref B: LTSEDGE1907 Ref C: 2022-12-02T00:25:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuzV7URHoKP1k6Z+ZshA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5RKVJ8-23-44X2&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DBD7
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/x_hhYKvWeTY-ekrJ4JQBIsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2P.WH2JE2oLmjvzD07pHk22HYLr2VnUfLwYHoA--~A

0
239 B

48ms
48ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2P.WH2JE2oLmjvzD07pHk22HYLr2VnUfLwYHoA--~A
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 02 Dec 2022 00:25:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2P.WH2JE2oLmjvzD07pHk22HYLr2VnUfLwYHoA--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame DBD7 70 B
264 B 47ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DBD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7eCifYytj57MUmU3mWKg8&google_cver=1

0
239 B

208ms
47ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7eCifYytj57MUmU3mWKg8&google_cver=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7eCifYytj57MUmU3mWKg8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD7
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA0M2Q2YzdlNzZmY2NlZjI5YjIzYzUwMmI0M2VkNWY3NzFhNDY2NQ&gdpr=0

170 B
188 B

58ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA0M2Q2YzdlNzZmY2NlZjI5YjIzYzUwMmI0M2VkNWY3NzFhNDY2NQ&gdpr=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDA0M2Q2YzdlNzZmY2NlZjI5YjIzYzUwMmI0M2VkNWY3NzFhNDY2NQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD7
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1UktWSjgtMjMtNDRYMg==&gdpr=0

170 B
188 B

59ms
57ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1UktWSjgtMjMtNDRYMg==&gdpr=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1UktWSjgtMjMtNDRYMg==&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DBD7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jfy_RALWSpCdFVtyv81GNg&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jfy_RALWSpCdFVtyv81GNg&gdpr=0

43 B
720 B

254ms
253ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jfy_RALWSpCdFVtyv81GNg&gdpr=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R2VYQ0VGTS55WGTXGCHX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jfy_RALWSpCdFVtyv81GNg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 82ms
81ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:10 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 82ms
81ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=38BFAF59248F42449A96BCC567389BBE&time=1669940710743&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=176620710&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 00:25:10 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
59ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0685ad8b7ec99a3954dbbb5d86bf4d0fe509b78cd1a2e7b427645c93db62e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11009
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8237 15 KB
6 KB 41ms
41ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 1018847
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 2C8F 11 KB
6 KB 130ms
128ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 9f2b34cab3b5a20bb1fc92b54477a0517f3deed99b766bdd40232e2b1c0ccd17

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 00:25:11 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 78ms
76ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35041
x-1p1-cdn: HIT; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240de918a00b0e609c0e7b5c81bbf561_755x500.jpg
images.1plus1.ua/uploads/gallery/001/079/440/ 47 KB
47 KB 78ms
77ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/001/079/440/240de918a00b0e609c0e7b5c81bbf561_755x500.jpg?v=1661864391
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
last-modified: Wed, 24 Aug 2022 13:50:30 GMT
server: nginx
etag: "9744b481d651c3f3984cba0f7a3e6af8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48053
x-1p1-cdn: HIT; Thu, 01 Dec 2022 23:53:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 00:25:11 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 2C8F 171 KB
26 KB 83ms
83ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:23 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 2C8F 198 KB
69 KB 85ms
84ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:01:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:22:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2C8F 109 KB
43 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

852b1e2adbcc37f8bf6887291541285e1d0fa18b5c448d1cbc82b663ba7965fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43600
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 00:25:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8237
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=3&topUrl=1plus1.ua&bundle=OiHLs19Bc2N6WlVTa3pGUmJwMmFsa0tNM2dEMmlnbjhPeG51dFdtemhyenZkJTJCWjhkYlpHV2JtMTJu...
https://mug.criteo.com/sid?cpp=SCwZf3xyQ3R3Z09xbGFWN0pBYUdlSlJ1dThYSXRJSmxpRGlpMCs0ZHBXblF4WVhBT2dMNHFwMUZMSmo3bzdXditBZWJvNis3SnhrZ2ZoVzdWR2NyUHNxWW5BdnN5MjRVQkEwSDJ4QzZOOGpSSWRHTnJVOXQ3UHJRMzR6aG...

436 B
656 B

42ms
42ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SCwZf3xyQ3R3Z09xbGFWN0pBYUdlSlJ1dThYSXRJSmxpRGlpMCs0ZHBXblF4WVhBT2dMNHFwMUZMSmo3bzdXditBZWJvNis3SnhrZ2ZoVzdWR2NyUHNxWW5BdnN5MjRVQkEwSDJ4QzZOOGpSSWRHTnJVOXQ3UHJRMzR6aGlERXFaRzlVb2JtRTFUZWt4ay83RHVZdm56a2d6MngrSEJQQ0tHbW13WlI1VjFlZ0gwcnJGaXlTLy9BNjlqcGRuVm0zUDdzQ2lQSkdVNit6UGlwRkZRSkg2cUJwSTBVbklrajB1Ky9xWnNZOEpBQWw5cGU1MnR3MGlNUFA0QmV0WmsvK24xUVhqZlpvejZoUjVkNGFiMG9EU2cxanlNQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

450fa9fda52847d1c5dc94cc8ac35c44ae8171ef805dc7c126aa93c66973bff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2688538
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 00:25:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=SCwZf3xyQ3R3Z09xbGFWN0pBYUdlSlJ1dThYSXRJSmxpRGlpMCs0ZHBXblF4WVhBT2dMNHFwMUZMSmo3bzdXditBZWJvNis3SnhrZ2ZoVzdWR2NyUHNxWW5BdnN5MjRVQkEwSDJ4QzZOOGpSSWRHTnJVOXQ3UHJRMzR6aGlERXFaRzlVb2JtRTFUZWt4ay83RHVZdm56a2d6MngrSEJQQ0tHbW13WlI1VjFlZ0gwcnJGaXlTLy9BNjlqcGRuVm0zUDdzQ2lQSkdVNit6UGlwRkZRSkg2cUJwSTBVbklrajB1Ky9xWnNZOEpBQWw5cGU1MnR3MGlNUFA0QmV0WmsvK24xUVhqZlpvejZoUjVkNGFiMG9EU2cxanlNQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 540526
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2375 13 KB
5 KB 46ms
45ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 7651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 22:17:40 GMT
expires: Fri, 01 Dec 2023 22:17:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9140 783 B
535 B 55ms
55ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d096e7098f19a3518243bcf854190678a29cfa83a924e96282cb5e5f09ae6ab6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-io0UjNFbLIlT31xhej7GFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-io0UjNFbLIlT31xhej7GFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 00:25:11 GMT
expires: Fri, 02 Dec 2022 00:25:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9140 0
0 79ms
78ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=819107935438855&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2375 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 06:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 06:19:41 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 2C8F 898 B
2 KB 105ms
104ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1669940711787
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 38361c8b410874967f7e9c6f81d8c5e28328351f5e4e439f8352daed83289d34

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 00:25:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2C8F 134 KB
50 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dc18001bb679cb69918ab50a8ad47c3eba194600c92981d9e89d4e460d0f350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50959
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 00:25:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2C8F 49 KB
20 KB 34ms
33ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 00:20:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 02:20:29 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B5EF 0
260 B 118ms
39ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2375 0
10 B 45ms
44ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5Wrg1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 2C8F 108 KB
33 KB 84ms
83ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1669940711787
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:24:01 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 2C8F 56 KB
9 KB 85ms
84ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t923126833470
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 00:25:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 01 Jan 2023 00:25:12 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 2C8F 925 B
604 B 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=704f1bf8100dcad41f29c14adca06bf8df2c5c76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 00:25:12 GMT

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 2C8F 433 KB
163 KB 137ms
45ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167220
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 03:52:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2C8F 5 KB
667 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t923126833470

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 00:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 00:25:12 GMT

GET hls.light.min.js
1plus1.video/static/player/js/ Frame 2C8F 0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
81ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=819107935438855&bg=!CgmlCU3NAAbvMpMzzzI7ACkAdvg8WrS44VyXN0HYMRAmB98bXKHTY0vCLGFOdplq5kUa6_XzESRk1AIAAABxUgAAAAJoAQcKANWTkR4dFko3F4eVVBnJAQ0bukntV1gTGQ5h1CvBjO0_jbtDoC8-Jgy4voXIeGhSJffxtzpeHleHclj6K62Bx1F4I0yZJHCMBUwwzy3AKtqSnIjJbDXK9jKplALGkBUPWVNS3A4NBBnecoI8sqn8VGcr4MuJ-W1YQTlG95vOdEOacjnE4i_YqtaKnLVXFFaIIgRpT1pbPbxgIq5Q5WvNWLy6YJetO6N7eWdSmcZiE_6dPMt8zxQPHH9myic_f_Q-vS8h5gC_2G1lYMCRrQwS8TjGlCpkAGqZApXxk9GwGRZI8_-f1NbI1xDja2B78RrsAzMGbiymv0BoQA-qWly8C2HiNB9f2ZtyqS7kfGuvIEOZ8qpI9S2fU2SI9ccDzOcJMR5UM0MBLEt9yqG01dnLI3CGAk8tS6VleEcIS69w-NrRt0DJPF0TRbPbe2Kevv6frTW4E1l6F62diVVQkX4uvwMpOwgQ7CkE7089cVPT1eYiIP1TApQWwG67q-FMBcR7j28q5mlXDY3gzmGQBCZ34H-cMQab57gAFce0w5Bs6zfHAegohngbT3cuuXbcXJTYM1QFlRfSiwgXBpsRUH-kvFnSruJtrEet2z0bZdMtfwhNFPrmcz5I7JX80ROvjjB3eMOlDj5NIT8ZoSA70hUjWk_p7owM_hyjSxSMwjg_YECVNl_eOJNxxJWbjIaFkuwYgpO-_lRCByjmb9n24f6HLCeCuQIFRoKIYaJZ9PGgO1KCGuKYWol4P7tmPFSn40ENk1sUMvTkL5xWiOdm5DG5jBsdiEYdKMxEf7hKyk8VPCURoHRAIcvocu4K8cRTH_-ycWzPozvd_9X667TpvsA5avLejgiGx0TaiO-GjL1X7J4DPdnzDsLhtOMiNX0xD7jsO_z-VcjbxUY2nx2qs0PrJBjA7ccNR_l-eM4DXPo6QhngUgpexQobzfQ5YUWB4MR2yfcQ70MYu-wzB_Krw9dFPoMChcMSLp6mr29lEShjhlej5fmhu7-P3BTbsbTgWWWJ3u-QPxfDM9_KRaVwJ6msgbizU0jJkTQf4_ZbfpNV8pZQAj9ptTcakzJ43b7dYpiK0SUZddCBifegQSZesRC3l8c3l-fqukLGlmZTMkS7KnvZlHFGDt7Sbkgw5tKfI9nO1VwITPB4bFwDMuc09RqU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 1plus1.video
URL: https://1plus1.video/static/player/js/hls.light.min.js

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

129 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1plus1.video/	1970-01-20 17:28:20	Name: _opov_sid_ Value: 81parc3in00ljd5kcfc4m9llpj
1plus1.ua/	1970-01-20 17:28:20	Name: _opov_hid_l Value: 900eb643-8e52-563f-aad0-ba39e2e227c0
.1plus1.ua/	1970-01-20 17:28:20	Name: _opov_sid_ Value: 81parc3in00ljd5kcfc4m9llpj
1plus1.ua/	1970-01-20 17:18:15	Name: _pk_id.2.1c86 Value: 3c8e950a205689a8.1669940705.1.1669940705.1669940705.
1plus1.ua/	1970-01-20 07:52:22	Name: _pk_ses.2.1c86 Value: *
1plus1.video/	1970-01-20 17:28:20	Name: _opov_hid_l Value: 6970ee78-d31a-5149-bb9f-5cf9b6493087
1plus1.ua/	1969-12-31 23:59:59	Name: Value: store.test
a4p.adpartner.pro/	1970-01-20 09:18:44	Name: apuid Value: 2d171c45-91fe-48a7-a35a-c56388b8b76f
.1plus1.ua/	1970-01-20 17:21:08	Name: __gfp_64b Value: Ph2GlSDBDsnRIfhBJwxI2uHoZh7SgUjk6CZTMzQl6mz.f7\|1669940705
.1plus1.ua/	1970-01-20 17:28:20	Name: _ga Value: GA1.2.717394687.1669940705
.1plus1.ua/	1970-01-20 07:53:47	Name: _gid Value: GA1.2.918173851.1669940706
.1plus1.ua/	1970-01-20 07:52:20	Name: _gat_UA-22507043-9 Value: 1
.1plus1.ua/	1970-01-20 07:52:20	Name: _gat_UA-113262294-1 Value: 1
.1plus1.ua/	1970-01-20 17:13:56	Name: __gpi Value: UID=00000b8b58fe2c71:T=1669940705:RT=1669940705:S=ALNI_MbwnHswTwZxOcEXqSxv-DzNS9FOHQ
.1plus1.ua/	1970-01-20 16:37:56	Name: _hjSessionUser_1437498 Value: eyJpZCI6IjhjYjIxOTIzLTlkMjQtNTc2Yi05MWRmLTgyODZmYjZlNGFiNyIsImNyZWF0ZWQiOjE2Njk5NDA3MDU2NjAsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 07:52:22	Name: _hjFirstSeen Value: 1
1plus1.ua/	1970-01-20 07:52:20	Name: _hjIncludedInSessionSample Value: 0
.1plus1.ua/	1970-01-20 07:52:22	Name: _hjSession_1437498 Value: eyJpZCI6IjcwZDNkYzJiLWFlN2EtNGQ4OS1hMmU1LTM0MDA0ZDM0ZTU4NCIsImNyZWF0ZWQiOjE2Njk5NDA3MDU3NDEsImluU2FtcGxlIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 07:52:22	Name: _hjAbsoluteSessionInProgress Value: 0
1plus1.ua/	1970-01-20 08:35:32	Name: _pbjs_userid_consent_data Value: 2024371239917068
.1plus1.ua/	1970-01-20 16:37:56	Name: _pubcid Value: 21d9fa2c-cc25-4160-ad0d-9f6828ed618a
.adtelligent.com/	1970-01-20 09:21:37	Name: vmuid Value: 72b17cf5904544ef
.adtelligent.com/	1970-01-20 09:21:37	Name: a307558 Value: 2d171c45-91fe-48a7-a35a-c56388b8b76f
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.ads.adnuntius.delivery/	1970-01-20 08:35:32	Name: usi Value: lws1!adnfpb883819e32bec56e
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 9bbc0cecdb1c7c216866d86ae0f9abe1
.ads.adnuntius.delivery/	1970-01-20 08:04:56	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 08:04:56	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 08:04:56	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 08:04:56	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 08:04:56	Name: c Value: 0AAAAAQAA
.prebid.a-mo.net/	1970-01-20 16:37:56	Name: __amc Value: 1_1669940706_1669940706
.admixer.net/	1970-01-20 10:01:56	Name: am-uid Value: c0fbd5ce43b84ce1b4e7f5c51ce565f0
.e-planning.net/	1970-01-20 17:28:20	Name: E Value: ALt4efUdMyA19w3R
.openx.net/	1970-01-20 16:37:56	Name: i Value: 21d9fa2c-cc25-4160-ad0d-9f6828ed618a\|1669940706
.doubleclick.net/	1970-01-20 17:13:56	Name: IDE Value: AHWqTUkO2Bb51u0qUhJQ0cfw46QiTo-C8yvGVD4bS-inNMCLaSpZUJNUD6_rrg8l6S4
.rubiconproject.com/	1970-01-20 16:37:56	Name: khaos Value: LB5RKVJ8-23-44X2
.rubiconproject.com/	1970-01-20 16:37:56	Name: audit Value: 1\|hLZGFuTafB3polwuES/U81qbBgMWySGKoH1GQZR6kuiZFDfMUUq5fnt3X/wI3a/5fr2w3YCIInLgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
.1plus1.ua/	1970-01-20 17:13:56	Name: __gads Value: ID=2ba2d3d13f65943b-2238541601d8003a:T=1669940705:S=ALNI_MYPh24nuwW7C3zx_3Byk4YLfiCjuw
.1plus1.video/	1970-01-20 17:21:08	Name: __gfp_s_64b Value: dY61Nr6ZaGa5MFdlR8nuDuO_hxJb4Db.NjDe5F6Ehqn.A7\|1669940706
.hit.gemius.pl/	1970-01-20 17:21:08	Name: Gdyn Value: KlG_VMXGQMQG1ThcEGLWHKMissGMm19cL6nxmG7RvQYGy0aiGsRP0QlGvGGp8M48SsL8RDcGFsCB0788MG..
.lijit.com/	1970-01-20 16:37:56	Name: ljt_reader Value: FvvZrGZHlGY41ZlVQxa737fP
.3lift.com/	1970-01-20 10:01:56	Name: tluid Value: 282185795131972461406
.casalemedia.com/	1970-01-20 16:37:56	Name: CMID Value: Y4lF4xJtJ9apRJP1LwFWoAAA
.casalemedia.com/	1970-01-20 10:01:56	Name: CMPS Value: 710
.casalemedia.com/	1970-01-20 10:01:56	Name: CMPRO Value: 710
.bidswitch.net/	1970-01-20 16:37:56	Name: tuuid Value: 82ef57d0-280c-47d2-bf64-69bb409e1ca1
.bidswitch.net/	1970-01-20 16:37:56	Name: c Value: 1669940707
.bidswitch.net/	1970-01-20 16:37:56	Name: tuuid_lu Value: 1669940707
.adform.net/	1970-01-20 08:36:59	Name: C Value: 1
.everesttech.net/	1970-01-20 16:37:56	Name: everest_g_v2 Value: g_surferid~Y4lF4wAAAI5sjQAF
.casalemedia.com/	1970-01-20 10:01:56	Name: CMTS Value: 4553
.adform.net/	1970-01-20 09:18:44	Name: uid Value: 4273096086686370319
.simpli.fi/	1970-01-20 16:39:23	Name: suid Value: 399D6E80F9B949FBB4C6CFFB23B25D71
.blismedia.com/	1970-01-20 16:38:00	Name: b Value: 638945E3D60FB7B7B480DC7BBLIS
.openx.net/	1970-01-20 08:13:56	Name: pd Value: v2\|1669940709\|gekin0vNiygu
.zeotap.com/	1970-01-20 16:37:56	Name: zc Value: 4afbfe1a-6e19-44c7-6553-04cd5581b608
.zeotap.com/	1970-01-20 07:53:47	Name: zsc Value: %F1%FC%C1%9E%EA%2B%26%BA2%02%8Fh%40%86~%23D.%06%A0%B7%A7%EB%DA%E5q3%D8%8A%80%28%BD%CFBZ%DF%3D%ED%A8O%FA%04%B9%28%98%AD%3A%A3%EC%C8nWb%03%29%BE%8A%E5%B5%FD%3F%7Cc%E7%DE%88%CBn%A9%097%5D%3C%04%1E%BE%9F%0B0MI%EC%BD3%89%1E%FA%00%13%CE9%185%CAL%C0%8Dv%F0%CAJ%C7%A8%5B%AE%85g%9C9%98%849%1B%B8w%E4%EC%3F3%C4%93%82%B5%FEs%BE%EE%B7%CD%93%23%3F%EA%0C%BD%3F%27%A4j%3E%F7V%8A%7D3%09%82%DF%FEX%94%A2%EC%A0%90%07h%90%FB%C1%DA%04%93d%91%EA%8F
.ads.pubmatic.com/	1970-01-20 07:53:47	Name: KCCH Value: YES
.quantserve.com/	1970-01-20 17:22:35	Name: mc Value: 638945e5-b4926-94ca3-90d46
.pubmatic.com/	1970-01-20 07:53:47	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 10:01:56	Name: KADUSERCOOKIE Value: A023427D-3228-4944-A5FB-0AC132CF716F
.pubmatic.com/	1970-01-20 10:01:56	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:53:47	Name: pi Value: 156813:2
.pubmatic.com/	1970-01-20 10:01:56	Name: DPSync3 Value: 1671148800%3A201_197_219%7C1670025600%3A174
.pubmatic.com/	1970-01-20 10:01:56	Name: SyncRTB3 Value: 1670544000%3A223_15_2%7C1670803200%3A63%7C1671148800%3A7_54_81_220_13_56_8_243_21_161_71_238_99_251_3_166_55_234_233_176_88_22_204_165%7C1671235200%3A35%7C1672531200%3A203
.tapad.com/	1970-01-20 09:18:44	Name: TapAd_TS Value: 1669940709756
.tapad.com/	1970-01-20 09:18:44	Name: TapAd_DID Value: cf467396-d9c1-44b2-abe4-93e2ddf3b92d
.quantserve.com/	1970-01-20 10:01:56	Name: d Value: EKUBEQHbJ_ijCJiTAA
.adfarm1.adition.com/	1970-01-20 10:01:56	Name: UserID1 Value: 7172340731432269973
.demdex.net/	1970-01-20 12:11:32	Name: demdex Value: 84777943709590018511959855765117311712
.tapad.com/	1970-01-20 09:18:44	Name: TapAd_3WAY_SYNCS Value:
.weborama.fr/	1970-01-20 17:18:15	Name: AFFICHE_W Value: PAyDoPanzyg898
.adnxs.com/	1970-01-20 10:01:56	Name: uuid2 Value: 4315024596449037830
.dpm.demdex.net/	1970-01-20 12:11:32	Name: dpm Value: 84777943709590018511959855765117311712
.onaudience.com/	1970-01-20 16:37:56	Name: cookie Value: 012e89385aac39d1
.onaudience.com/	1970-01-20 07:53:47	Name: done_redirects161 Value: 1
.adsby.bidtheatre.com/	1970-01-20 08:02:25	Name: __kuid Value: 3a5a6b47-db12-4cf3-b25f-ba3287173543.439154709
ads.playground.xyz/	1970-01-20 08:02:18	Name: connect.sid Value: s%3Ah6vzWlVZSMJ0hXXzo-0N3LVCWnEBxjX_.wMLwWCq2kMbXxM5Xh4dPPOr6Rmh2DT8zB2ZEHysSEfc
.turn.com/	1970-01-20 12:11:32	Name: uid Value: 8454689773244634111
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_218 Value: 4056-Y4lF4wAAAI5sjQAF&KRTB&22978-Y4lF4wAAAI5sjQAF&KRTB&23194-Y4lF4wAAAI5sjQAF&KRTB&23209-Y4lF4wAAAI5sjQAF
.pubmatic.com/	1970-01-20 08:35:32	Name: KRTBCOOKIE_391 Value: 22924-4273096086686370319&KRTB&23263-4273096086686370319
.pubmatic.com/	1970-01-20 08:35:32	Name: KRTBCOOKIE_1101 Value: 23040-7172340731432269973&KRTB&23369-7172340731432269973
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_153 Value: 1923-ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw&KRTB&19420-ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw&KRTB&22979-ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw&KRTB&23403-ZHCqWWZ291V_IaZZYHW_WWYg81N_eqIEZnXSF7Xw
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_80 Value: 22987-CAESELl4IgrQ1Lt1qm36sC_nB1g&KRTB&16514-CAESELl4IgrQ1Lt1qm36sC_nB1g&KRTB&23025-CAESELl4IgrQ1Lt1qm36sC_nB1g&KRTB&23386-CAESELl4IgrQ1Lt1qm36sC_nB1g
.tidaltv.com/	1970-01-20 16:37:56	Name: tidal_ttid Value: 7ca7f275-5f2c-4967-ae67-c8da5b9edf1d
.csync.loopme.me/	1970-01-20 10:01:56	Name: viewer_token Value: 5552f4f5-8676-4949-8b24-377e4675fd11
.de17a.com/	1970-01-20 16:30:44	Name: guid Value: 1.8061416846806079050
.1rx.io/	1970-01-20 16:37:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-910ab480-47dc-4aee-bf6f-c4160b889e04-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 08:35:32	Name: KRTBCOOKIE_22 Value: 14911-8454689773244634111&KRTB&23150-8454689773244634111
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_57 Value: 22776-4315024596449037830&KRTB&23339-4315024596449037830
.yahoo.com/	1970-01-20 16:38:18	Name: A3 Value: d=AQABBOZFiWMCEFc5JkAYbCdowahMNehFb94FEgEBAQGXimOTYwAAAAAA_eMAAA&S=AQAAApS1_AkAqgQunJgwKMMflbY
.tidaltv.com/	1970-01-20 16:37:56	Name: sync-his Value: "H4sIAAAAAAAAADM0Nja0tDK0MAIAiF/qSwkAAAA="
.bidr.io/	1970-01-20 17:20:50	Name: bito Value: AAD12k7HEowAACDKqJTlkw
.bidr.io/	1970-01-20 17:20:50	Name: bitoIsSecure Value: ok
.1plus1.ua/	1970-01-20 17:13:56	Name: cto_bundle Value: OiHLs19Bc2N6WlVTa3pGUmJwMmFsa0tNM2dEMmlnbjhPeG51dFdtemhyenZkJTJCWjhkYlpHV2JtMTJuSmZiWWFCZXBzV20lMkI1YmpKSTRGcXBLV0xiQSUyRjJkWEM4S2RKUSUyQlhhMXRXSGZialptUEpvVEpQSE1BNnBweUdiSWlZOEtMeDFOUXhQ
.1plus1.ua/	1970-01-20 17:13:56	Name: cto_bidid Value: SZwJwF9OYTdQbXBWSXJKcHhwOE4wUklpRjJIanpYajc1blNtZmlqSnRwWFhtZUNlTFV1VDV2aTBFeHZ5NzFmdyUyRmFhVm5XUDRLQlRBRTJCJTJCZmttaGxWQzV2WkElM0QlM0Q
.pubmatic.com/	1970-01-20 08:35:32	Name: KRTBCOOKIE_336 Value: 5844-8061416846806079050
.pubmatic.com/	1970-01-20 08:35:32	Name: PugT Value: 1669940710
.agkn.com/	1970-01-20 16:37:56	Name: ab Value: 0001%3Ar462s8wEevdUJyD6yXsGDRIr0wXYMh0X
.onaudience.com/	1970-01-20 07:53:47	Name: done_redirects104 Value: 1
.analytics.yahoo.com/	1970-01-20 16:37:56	Name: IDSYNC Value: 19ah~28m0
.smartadserver.com/	1970-01-20 17:21:08	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 16:37:56	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.onaudience.com/	1970-01-20 07:53:47	Name: done_redirects147 Value: 1
.krxd.net/	1970-01-20 12:11:32	Name: _kuid_ Value: PO5Fzgo-
.amazon-adsystem.com/	1970-01-20 17:28:20	Name: ad-privacy Value: 0
.richaudience.com/	1970-01-20 10:01:56	Name: avcid-zeo-uid Value: 4afbfe1a-6e19-44c7-6553-04cd5581b608
.pubmatic.com/	1970-01-20 08:35:32	Name: SPugT Value: 1669940710
.fwmrm.net/	1970-01-20 12:11:32	Name: _uid Value: "e5deb_7172340735709224369"
.tribalfusion.com/	1970-01-20 10:01:56	Name: ANON_ID Value: aqnsIHmMZaE9DXqwmyCEZcG0Dh6Eo4wgEaXq59YgVTbUvUJVUo3ZbSRd0iU1hM7XuHjUS9G1rysJAGcjZbxWYHumJ8mb
sync.srv.stackadapt.com/	1970-01-20 16:37:56	Name: sa-user-id Value: s%3A0-6207ce9a-23f2-4fe3-5127-a50eff35f67e.T0os0YyvhNJ6MQeCpLgSZp9S0XAv%2FqlfY5ECB4p3dzE
.srv.stackadapt.com/	1970-01-20 16:37:56	Name: sa-user-id-v2 Value: s%3AYgfOmiPyT-NRJ6UO_zX2ftmKxGo.wa%2FjKvtLn1iGtdC%2Fhc%2FnBup7zEWPeLndSb%2BDPsab0x4
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:37:56	Name: bcookie Value: "v=2&2f085d7b-5751-4d55-803f-dade652c376e"
.linkedin.com/	1970-01-20 12:11:32	Name: li_gc Value: MTswOzE2Njk5NDA3MTA7MjswMjH1ZqizguEj6VpVn03Lnp8tjcqzwV47vgBkEIA5uW5m+w==
.linkedin.com/	1970-01-20 07:53:47	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2433:u=1:x=1:i=1669940710:t=1670027110:v=2:sig=AQHnoCKQMKrWF_YuhxvjYFj8BqO4rAuI"
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_860 Value: 16335-YgfOmiPyT-NRJ6UO_zX2ftmKxGo&KRTB&23334-YgfOmiPyT-NRJ6UO_zX2ftmKxGo&KRTB&23417-YgfOmiPyT-NRJ6UO_zX2ftmKxGo&KRTB&23426-YgfOmiPyT-NRJ6UO_zX2ftmKxGo
.smartadserver.com/	1970-01-20 17:21:08	Name: pid Value: 5231574121756514718
.smartadserver.com/	1970-01-20 16:37:56	Name: csync Value: 127:AAD12k7HEowAACDKqJTlkw
pool.admedo.com/	1970-01-20 16:37:56	Name: tuuid Value: 3ebe5a5f-d8a1-43e7-b6ec-5c3049378157
pool.admedo.com/	1970-01-20 16:37:56	Name: c Value: 1669940710
pool.admedo.com/	1970-01-20 16:37:56	Name: tuuid_lu Value: 1669940710
.amazon-adsystem.com/	1970-01-20 12:56:11	Name: ad-id Value: AwIqDx0F60WZo-V5aOb7p1g
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_466 Value: 16530-82ef57d0-280c-47d2-bf64-69bb409e1ca1
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_27 Value: 16735-uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&KRTB&16736-uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&KRTB&23019-uid:6f7c6389-45e6-4600-9ebf-9777e54faf22&KRTB&23208-uid:6f7c6389-45e6-4600-9ebf-9777e54faf22
.mathtag.com/	1970-01-20 17:18:15	Name: uuid Value: ea826389-45e6-4100-b681-37312860ea11
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: eca8dc0fd21884db
.pubmatic.com/	1970-01-20 10:01:56	Name: KRTBCOOKIE_699 Value: 22727-AAD12k7HEowAACDKqJTlkw

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1plus1.ua/(Line 2479) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4afbfe1a-6e19-44c7-6553-04cd5581b608?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=012e89385aac39d1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabXnSRYSVggjYRQb Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=4afbfe1a-6e19-44c7-6553-04cd5581b608&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4afbfe1a-6e19-44c7-6553-04cd5581b608&reqId=583c220e-32cb-441a-4615-024fde474210&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.ua
1plus1.video
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.adnuntius.delivery
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ap.lijit.com
api.1plus1.video
assay.1plus1.ua
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.admixer.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
eb2.3lift.com
engine.widespace.com
eu-u.openx.net
eus.rubiconproject.com
f880cd8e7ed08230cffd7ac3c382615f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
lb.eu-1-id5-sync.com
loada.exelator.com
loadeu.exelator.com
ls.hit.gemius.pl
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
source.mmi.bemobile.ua
spl.zeotap.com
ssbsync.smartadserver.com
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
1plus1.video
103.229.206.240
104.18.33.19
13.224.189.42
13.225.78.14
13.248.245.213
13.32.99.18
141.94.170.77
141.94.171.216
141.95.171.139
142.250.185.66
146.0.227.110
146.59.30.104
147.75.85.234
151.101.194.49
159.65.194.197
162.19.138.119
162.19.138.82
162.55.236.224
172.67.137.15
178.250.0.160
178.250.0.163
178.250.2.146
18.156.0.31
18.66.147.113
185.172.90.251
185.184.8.90
185.255.84.150
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.110
185.86.137.122
185.86.139.89
185.89.210.46
185.89.211.12
194.247.175.19
194.247.175.25
194.247.175.38
195.137.240.100
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.21
195.137.240.80
195.5.165.20
198.148.27.139
198.47.127.20
2001:4860:4802:34::178
2001:678:cb4:bbbb::11
212.82.100.182
213.155.156.166
213.19.147.44
23.203.77.3
23.3.108.242
2600:1f18:6593:f601:611c:90e2:c181:1fe2
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::1c
2a02:2638::21
2a02:2638::24
2a02:2638::b
2a02:2638::c
2a02:fa8:8806:20::2040
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:90c0:41:2801::62
2a04:4e42:400::300
2a05:d018:24:b001:f5c1:a58:c5c6:d8ee
2a05:d018:d29:3605:2eda:8ed6:2a73:2027
2a0c:5c81:5142::2
3.248.125.109
3.67.122.202
34.102.253.54
34.111.131.239
34.253.40.180
34.96.105.8
34.98.64.218
34.98.67.61
35.204.158.49
35.210.53.219
35.214.223.115
35.227.248.159
35.244.159.8
37.157.4.29
44.194.228.115
45.133.44.3
5.161.54.172
51.75.86.98
51.83.220.94
52.1.76.118
52.209.49.216
52.223.40.198
52.30.188.40
52.46.128.147
52.49.181.242
52.95.125.22
54.154.7.193
54.37.238.28
54.78.254.47
62.149.1.122
66.155.71.150
69.173.144.138
69.173.144.139
72.251.241.206
72.251.249.9
80.77.87.163
85.114.159.93
88.221.168.201
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02209cb2ab911af5902e32f2c095cde5ba4c17106dff335c3e3ea8a9b2d263f2
071fb74bf1e64747a6bc1e85e67ea9db7ecffa5cc08bd2a3b21242765157c198
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0830582068d5a42acc0dc534f7ad55138e0881454a96bfd3385ab75da0654cdc
08ca7467e21f1525635305d4048e0d9054b9d26b7c72ac9de64b01a66e57e0da
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce213a8d1d2256cb4c1fafcab0414291123174212d60c637057dfe7e856380a
0d6693e6463d01ca864b923e65637d347b412258105ce4633cf195cc051db4d2
0e7cb45f857dee266e3e30474fe53581495d160fe7900d34423acb84ff6ea898
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
10bac39a1620e27d595891dd662e2e953d70d5354ad0e40dd2dc85bee59bd1de
12c187b803479c578230e20004e66c0def183755bb4701a9aaef42ccec8b13f4
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
197a48b7946b972c440104a8b4877a5cd5f99e807de5f6fd416ccdec610f35db
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
1a262f8dc145427f322ea5645e201a2a13d56226a8ad6a2122936c24a8800c00
1c6e511afb1166f45bc6126b398a29f6254137bcb42367c1a3537dbded17bf9e
1d09013d3a41d98fb51611338090332b2513522dde37404c17e1c809878e97f3
1d34ec451023ff9ad1bdb5258132e86edd296d47c4d3c04522cfaf31028e2277
1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc
1e2d0103e980ddf38d9edecca5828918e9bd3d6fd7d3802482649ca4395e0005
242abd0bf978a4bda9036b4697baa0da7087efdae875a50e812fca61531b3228
24e7aea27b4dff26bf745dbf3d8e68b4c27d0846008401b71796c2c2154a73bc
25b7e06ecde509f040d400051a2e39057e5e0810676edeaa88bdf0e988cc83c0
25df016532ac65ec7fd0c266bc6d26129f3a1129e93d50c4a0003c27c4c03e99
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2cdee42b7d068f78d131568b5f3eed1975a5d656ca3ab20a747e31439598f5f7
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d57562b09705f19403af6796a0638377219ecb109f5fe327a2ff5aa50e6ea68
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee3cff8b2c0bd6784ceef8b280853d3d8d44f6880896b809132086302bf34fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330d587b01aef43ca12502db7813f0876381b0814579f11b69625032b5b841c9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e764ba72de0f2e398100e2449d677b02ff15669733bf8a823f01da53af1c2d
38361c8b410874967f7e9c6f81d8c5e28328351f5e4e439f8352daed83289d34
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3aba672734930d62b3665183df1778f1e7c7673dda9e9a9a7dc9678159b970b2
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6
3b6e46e197e535119ab46392b1e732d3fa5988845ea96b50bb0514736bfad801
3bacc2e49520c724c3cc3b1d5f228d7a3b581d838c9c98f36200cc7546e07391
3c0a3a7c452a54fef2cf13d365b259877a30895a6495b92bdd747a765d983595
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3da7aaa6de24315ac994187cff4bea9a3683d0e11fd0e1942f6ba7c1734371b2
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3dc32f4dd92e453688e95ab7b21d20906d11f4dd58287b36077f436c9ff2d45c
3e4059271d91a7b19b016da1c29859cfbf6ba5137f88c16ff6e02a42a5d46359
3e6ccae9d716d8a587a510818fc99653fcea5dded95f47782b61c76c7a4dabd5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
450fa9fda52847d1c5dc94cc8ac35c44ae8171ef805dc7c126aa93c66973bff3
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47548feea43cf88831b574cabfc5b7df371388a1e78856f9fb7ed81de4676d22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e0160532c6bbef842ff3f1fc3b75a0de690923cb23a66cc6726ac7af1b40c4
4bb0724887a6e02f3258b106c704ab082fe68b82cfd1a509d1fc7861037f0136
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e112a1e6eef1a5986c8b055651ef1febb6ecbe7026cf240d366f092adf1fd59
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
52e64c7e4a446c316d0e0e986ee9ba149fb9994785ac610ec7499cb49202e889
530040ebbfc1cd7a18f0537709371ccd55ec5ed96756cb4c121c2a56a33f8f19
53425062f9fbcabcb35c3b527eb87b32995860addde9c6a5830b25f486798bf6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552d8181c06487c3f5f649a7d20803a0b7ce62ff76430c926dc58af2da2a2a9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb557ba0bbf7d32c030c14e975c5c67659ed9dc8b8c3a996cc71146ab563407
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5dc18001bb679cb69918ab50a8ad47c3eba194600c92981d9e89d4e460d0f350
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415
6a7ef4d4e73e9f6efd594c826a571a6ba25c1d6db24ced0373ad8c4e5d238704
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70b59bb9497e5e0c1e576f5efc2048b1135d82312ac4a023b82f5d93d06a0451
71415f5562403e75afa89b32a28fdc2c7d6d0a3019722c52ca468c929c94b93e
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
7c3ccd17975c100ed8bd397a164d2bc1daa66b6383ae09f1108bf7ec794e568f
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
852b1e2adbcc37f8bf6887291541285e1d0fa18b5c448d1cbc82b663ba7965fc
85923b4233b4c7cc90a3f1d9c95e0a7209e46873bedb176f79d755ddcad4816a
866c1245aa992a1f895635f3205d94b8ac5489d00d5cff179a028818ea9a9422
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87aef9fa327a66d58ed38a47d7a7f8bb4968d80ef3431d99bda7f84c8a2c6a40
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8d03673bdb38cd2472faa49e77089961aacd346205a99d6007d2f0236563ed5b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
8fe0fdb2b9207a73e3ef2838107287c40fbe1257c485a07e7f9af8207c23ad24
90af1b8239e522439c1c988738f98deaf230e9471fca97553c2bb175ccd45971
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92041182fcc3c5360775d050db26696d325f66110658bcf563a4d1046ba0125f
95641b80c335f12465b07d52f52f972b21a4176767a9ca5190a3042c1f468b0c
97422c479f71bd0454b5841b86dd72bda2da5afd339475df0a9db4cf01b69f79
983edd88a840cea7c1db04b4d552be5b8e57a4fffd14ae0e02f6219f7c2254f0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cf081450e54a76adead74a3519b80707e91d7cf5c08256bbb3ac82783868517
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f2b34cab3b5a20bb1fc92b54477a0517f3deed99b766bdd40232e2b1c0ccd17
a054479604c0c8d2fd0d2c6fc476f71daac829c9ff283326172f4b578215984b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c2e26f2182feabc8d2237411f57a18d1b2044f6be56dee2f8674dff604ccbb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a96c4d26f0a407e7287c2db1557b084ecfab703553d60a4f8980f711a5632750
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ace0b9c0aef69c0ec0c632381a21d9424c40efc9ff1c0f57aa819a7f3ddc281a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b026f1f9d66dcd8e5f63e9a0956d454197dd503454c9c4ffb5b5189e2ea20a3e
b19dc54f222d811d69cf373dbf3032c2e65ebc718fab2700f7ce64d894f350ec
b1dc34499d5b93f7f5cbdb8cf32bf8347c42820dc11377cde13213c81feba3d9
b378be3abacb8f5d9f5f3d00256f2b9f0342f97cac24b6f59eb9c9dfeb1bf1e3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49efd7b5ec993c650c6e20a2ef4471ff4e3803f39239c419b487e892f787954
b4e355f1d9980eee296cdea3d4464548165ed49ca437ec43302a037bc9b99061
b6a7e017d6531568e10980ab7baa2494d885f6bfea20d9ff62f2350fecb0e96e
b7c5240740768ec6e6a43987cf208d461e3810f7be185eedf4663a793abb8050
ba6cad67f29d3244d460712d68acf354eae643092ab34d7c65e5efded3528c0b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bcd9de9f6256f24e16a041d004536161e02bab316b697ea1b0696d5c0a049a16
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
bda7622ec772fb96ea5b3200a730601a3f51749850cf93d0030acaac24f7e729
be8e142a463eb19dec1798fb9abdd01e01a91b5d759625acba0a198463008f37
c0685ad8b7ec99a3954dbbb5d86bf4d0fe509b78cd1a2e7b427645c93db62e2e
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3574dd2ed97ae8c6bbedd848ab0de559793581a095f15ade9090ab8147982b9
c389ecb0fc27eecbd0a6630ec11c657d1166692c028e2d281009e4cd7a11700b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7a6112e212afca9a176ac517561580f6de5d11b451ff6e599864a9d95959845
c8126360c418d4176fc30c65b2b8f6049b058de30e93781ee8a0242ec40b2515
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd2f3b9bc872e63fefa77e68f41c4da41c5bf626985f9a6a3f9d66e9895e2a04
cd66e57a46fc971d0a0325d01248012669c1388ab1dc6b7ffa3ca968a9769a94
cd97d28e3dfc583ddec299426f05790dd724a2a0b0cc301e63a4f4b9fd25a1b8
cde44a1b2c04c5994bfc3e877d8ddc4ab44760347955af9c8fd370b10bea35a0
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cf32eba3b260cbb1c5761c4a8ddcd9576a8d3e571ff6b0cd902f75353bb051b9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf78db9ae428d32c1d7f8704bd9f3a48d20f97cb961c4558fc124ca7c91730f9
d096e7098f19a3518243bcf854190678a29cfa83a924e96282cb5e5f09ae6ab6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d6975975d297c9ac0463058ff449eaffdeb53e74dbafa250d0731016885a8f
d0f0279dc3f93ea0ccc5fc338721afef7b57c3c35a0030f3cd0f871542587b27
d1b3cdfe937a2b56099fd5d8533f7835bea5f096df97a0c796a16895c1a8fba4
d29861a86dc9d4d402d18daaeb2240ae671255778f7e7a86b559be20483b9726
d3031ee72a364aeaffd991044ce55281db1a614ef5fb84ec49fa991e9b547ca8
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
d6b49756d33011a4890d6987aa02c915e192b7b241627bb179fb38154aa6f963
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
d90b19869f4eba812106321c0d36dac002f47ee365fd576eddfbe30669b37542
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc09688914bc7228ac5c2740111b7de79125f73ac80855446cb6a99e6db720c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1b22a98c373ea1ed25a67dfc1a0dc8c90e303c260bc45b9a75424b4932178bd
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e74d4841fe9f943f39974ca92cdeeb4ce3a0f1933b9bae31191d5113055f11a6
e839c6cc63b861d1bdad75ce13f3122bbea54d1896715655926f97a958db4dbe
e8ad1ed9aa315cd986650033dfe816eab16e05758464729b1cba116a820c52a6
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
eef8d0bfe9f8f5901665527a9ff12cf1717de3687006bf7e493b8d7bf1f1eafe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f341145b3025d881ad690fe7e7bc7d19035fafccc9550b7c39ecff633300973c
f3475bc89a225ba160bec8add5d60d75a411ea1c559423e19200146c18e301af
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f55b032b8ee2ad5218d33664d54f4a90f610a860add5e3c2d66ab33327d742ed
f7677e5ae3fe68bc5bf68e616917c6786d003a41f7e15c5170ed1d4e4a0bc702
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f8861dbc72f4364c06b16ee0c58bdcfa454c10e97b5a734551b1ebbd4117f061
f944cb5dc975f9f4234692996179e8b1d6ec838e972ab21459cda65a2a61b4af
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809
ff86e2120748847e1fea3b9f96ce936576de9bd0e0de0e4179209f7668862ee3

1plus1.ua Open in urlscan Pro 195.137.240.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

399 Requests

86 %HTTPS

31 %IPv6

88 Domains

142 Subdomains

100 IPs

15 Countries

6830 kBTransfer

13396 kBSize

129 Cookies

32 Outgoing links

Page URL History

Redirected requests

399 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1plus1.ua Open in urlscan Pro
195.137.240.80 Public Scan

Screenshot
Live screenshot

Full Image

399
Requests

86 %
HTTPS

31 %
IPv6

88
Domains

142
Subdomains

100
IPs

15
Countries

6830 kB
Transfer

13396 kB
Size

129
Cookies

399 HTTP transactions
3 data transactions