provce.ck.ua Open in urlscan Pro
178.20.157.46  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&rf=&pl=443304750 HTTP 302
• https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&rf=&pl=443304750&bounced=1

Request Chain 40

• https://f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 307
• https://d4fa8c8360457c809f77e787ef434d-f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw

Request Chain 41

• https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%2Fqvntstr%3Fu%3D[UID] HTTP 302
• https://px.adhigh.net/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw

Request Chain 45

• https://id.uma.media/return?to=https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&_uma_cid=oZfoAXEZYGUP0XtmfmGUHw

Request Chain 47

• https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&bounce=1

Request Chain 48

• https://exchange.buzzoola.com/cookiesync/redirect/getintent?redirect_url=https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 301
• https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw

Request Chain 50

• https://dmg.digitaltarget.ru/1/3164/i/i?a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&ts=1700796785298&a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992

Request Chain 55

• https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&crf=1&rts=-2068580333402786732

Request Chain 58

• https://kimberlite.io/rtb/sync/getintent?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 307
• https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZWAZcQP_xWM HTTP 301
• https://vma.mts.ru/match/second?ssp=59&exu=ZWAZcQP_xWM HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=fdf6aa04-e741-4992-a559-f00ab5af08f5&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
• https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
• https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=EGq4MSXJHaer HTTP 301
• https://kimberlite.io/rtb/sync/mts?u=fdf6aa04-e741-4992-a559-f00ab5af08f5 HTTP 307
• https://a.qvol.tv/sync?ssp=83&id=ZWAZcQP_xWM

Request Chain 59

• https://acint.net/match?dp=17&euid=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://acint.net/match?dp=17&tc=1&euid=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
• https://acint.net/match?dp=14&euid=3A03420A711960650501159E0217C6AC

Request Chain 62

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&C=1

Request Chain 63

• https://id.uma.media/return?to=https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z= HTTP 302
• https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z=&_uma_cid=oZfoAXEZYGVHuLOSlSojnw HTTP 302
• https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&d_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&ru=https%3A%2F%2Fpx.adhit%2Fp%2Fcm%2Fqvntstr%3Fu%3D[UID] HTTP 302
• https://px.adhit/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw

Request Chain 64

• https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw HTTP 302
• https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw?redir-setuniq=1

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request wp-c Show response provce.ck.ua/	26 KB 9 KB	741ms 448ms	Document text/html	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash f1fc3d45352672f50e86931ec08bca60e8caa7adaf26c65a826b3074fce3a9b2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 24 Nov 2023 03:33:03 GMT expires Wed, 11 Jan 1984 05:00:00 GMT link <https://provce.ck.ua/wp-json/>; rel="https://api.w.org/" server nginx vary Accept-Encoding Accept-Encoding,Cookie
GET H2	200	autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css provce.ck.ua/wp-content/cache/autoptimize/css/	228 KB 35 KB	241ms 0ms	Stylesheet text/css	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash e52db27b87fe6a37f2e94a6a9935ddee3e49b751a0aac11977534846170f1d50 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT content-encoding gzip last-modified Tue, 21 Nov 2023 13:23:14 GMT server nginx etag W/"655caf42-39095" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	page.js Show response static.addtoany.com/menu/	3 KB 2 KB	282ms 0ms	Script application/javascript	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/page.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 20420 content-encoding br alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"03396a6543cd35a0e73d2b4de150841b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DZt8JVeQNrTQOrtTCzBEvFwjMVO2n1jpqSnHQPwSYZ95ZIyBfawrEhUJ0I1BKvFi2j7zaArWS0OKZ5YsytdWCDyP6qcd67HMzbmtcJ7u8sTgcUOnJmNnsvUibzxsD7WguSbN95N"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=86400, stale-while-revalidate=30, public cf-ray 82ae96992db08fd6-FRA
GET H2	200	jquery.min.js Show response provce.ck.ua/wp-includes/js/jquery/	85 KB 30 KB	277ms 36ms	Script application/javascript	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-includes/js/jquery/jquery.min.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT content-encoding gzip last-modified Wed, 04 Oct 2023 19:44:09 GMT server nginx etag W/"651dc089-155ba" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 52 KB	362ms 0ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20c4b0f41d3e9001c0133b79845e557c4fbd69082d1e116efd2ff648c198ae20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52642 x-xss-protection 0 server cafe etag 6666393361395212313 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 24 Nov 2023 03:33:03 GMT
GET H2	200	lazysizes.min.js Show response provce.ck.ua/wp-content/plugins/autoptimize/classes/external/js/	10 KB 4 KB	106ms 1ms	Script application/javascript	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT content-encoding gzip last-modified Fri, 20 Oct 2023 06:47:23 GMT server nginx etag W/"6532227b-2655" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	389ms 0ms	Script text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3573b8bc8ed0307395d1b8b24e27e040fdcbd7ded5f5041c4c40e91803805905 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 24 Nov 2023 03:33:04 GMT
GET H2	200	autoptimize_c3bdee96711ad9a0c1effb80838f02f2.js Show response provce.ck.ua/wp-content/cache/autoptimize/js/	208 KB 64 KB	144ms 0ms	Script application/javascript	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-content/cache/autoptimize/js/autoptimize_c3bdee96711ad9a0c1effb80838f02f2.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 48e83c30f9526a2dbd9e2edb0a732800bd965c688abdace3a16b1b6cd4caffaf Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT content-encoding gzip last-modified Tue, 21 Nov 2023 13:23:22 GMT server nginx etag W/"655caf4a-340df" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	p.js Show response px.adhigh.net/	10 KB 11 KB	668ms 0ms	Script application/javascript	194.190.76.45 UMA-TECH-AS
General Check archive.org Show headers Download Go to Full URL https://px.adhigh.net/p.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.190.76.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash 3e89103ce88d672cda9ea90f4ed75bb46f28f0c1bdfee1d1e064fd14ea15b607 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT last-modified Tue, 14 Nov 2023 16:13:40 GMT server nginx etag "65539cb4-29e4" content-type application/javascript access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-length 10724
GET H2	200	sm.24.html Show response static.addtoany.com/menu/ Frame DC26	677 B 744 B	100ms 0ms	Document text/html	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/sm.24.html Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 6326 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000, immutable cf-cache-status HIT cf-ray 82ae969a7e558fd6-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 24 Nov 2023 03:33:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCc2Z%2Fcdqzcy%2BxIa7O%2FivcNJedawEMZ5FaE34vIC81dG3L73EuIfojbHw9Yb4XJ0%2BC%2Bx1vCa2pEf44%2FXY8sJLgKk4%2FP2O%2BXLSyU%2BeBMR2%2FQDvtRlmz11DUtSy2h8Bi8T%2BzZ7g65xea5OFt6FVicDU3Q8"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff
GET H3	200	core.11bfb520.js Show response static.addtoany.com/menu/modules/	70 KB 26 KB	144ms 67ms	Script application/javascript	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/modules/core.11bfb520.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://provce.ck.ua/ Origin https://provce.ck.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8251 content-encoding br alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"a34c5f06f67d42236ec124345ba1b81c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llhTxYlk0JRpNZoaK6j1Kn1fbJXo%2FfU4IIc4ycWudi32hu9lgYMMtKAHyyHwYEtvt6AiiZb9GO4eHtjC5mYjJgcl6Rtb9nwIlfZ%2F2w9%2BDyLv5QD2tHRrxas2tJkQZR29IE5Cjuk2"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=315360000, immutable cf-ray 82ae969a7ddd9b82-FRA
GET BLOB	200 OK	5ee8ecb6-32c9-4571-a314-d4ba6f9a36a8 https://provce.ck.ua/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://provce.ck.ua/5ee8ecb6-32c9-4571-a314-d4ba6f9a36a8 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	s r.i.ua/	2 KB 3 KB	241ms 0ms	Image image/png	104.18.2.81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.i.ua/s?u222728&p65&n0.6423205687686877&c1&d24&w1600&h1200&rprovce.ck.ua/wp-c Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e39438e13f2d4ca018e5dca85de615536a64451ef71aa9dbdfae8d5dced44446 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:03 GMT cf-cache-status DYNAMIC server cloudflare content-type image/png p3p policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" cache-control no-cache, must-revalidate cf-ray 82ae969b2bf74d37-FRA alt-svc h3=":443"; ma=86400 expires 0
GET H2	200	fontawesome-webfont.woff2 provce.ck.ua/wp-content/themes/provce/fonts/	75 KB 76 KB	108ms 0ms	Font font/woff2	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-content/themes/provce/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Origin https://provce.ck.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT last-modified Sat, 17 Sep 2022 08:49:39 GMT server nginx accept-ranges bytes etag "12d68-5e8db8f145318" content-length 77160 content-type font/woff2
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	634ms 0ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 24 Nov 2023 03:19:54 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 790 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 24 Nov 2023 05:19:54 GMT
GET H2	200	ff.png provce.ck.ua/wp-content/themes/provce/images/	15 KB 15 KB	120ms 38ms	Image image/png	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://provce.ck.ua/wp-content/themes/provce/images/ff.png Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash a1762aa749458cc13cce88ec99b9ddb7da00fdca515f1d4b5cd408dd87c21548 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT last-modified Sat, 17 Sep 2022 08:49:39 GMT server nginx etag "63258a23-3b48" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 15176 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	op.png provce.ck.ua/wp-content/themes/provce/images/	5 KB 5 KB	121ms 39ms	Image image/png	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://provce.ck.ua/wp-content/themes/provce/images/op.png Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 6d494da8ce6f6b9b5d5a3716ccfa1339262e33da13319e97d71dcbb9a998e00a Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT last-modified Sat, 17 Sep 2022 08:49:39 GMT server nginx etag "63258a23-1492" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 5266 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ch.png provce.ck.ua/wp-content/themes/provce/images/	8 KB 8 KB	121ms 39ms	Image image/png	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://provce.ck.ua/wp-content/themes/provce/images/ch.png Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 7870d5d67a3ad13afed995323bb6a54208a6bc8454aa4f4c9186a0e5d674de0a Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT last-modified Sat, 17 Sep 2022 08:49:39 GMT server nginx etag "63258a23-1e17" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 7703 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ie.png provce.ck.ua/wp-content/themes/provce/images/	7 KB 8 KB	121ms 40ms	Image image/png	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://provce.ck.ua/wp-content/themes/provce/images/ie.png Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash da0693243964d2de4046d6eeeff8d450ea0b09847c0ee762be07440c5c3d26ef Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-content/cache/autoptimize/css/autoptimize_0a4cdd9c5900e921cebeb7a6c40e2e83.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:03 GMT last-modified Sat, 17 Sep 2022 08:49:39 GMT server nginx etag "63258a23-1d9e" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 7582 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	facebook.js Show response static.addtoany.com/menu/svg/icons/	430 B 833 B	206ms 114ms	Script application/javascript	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/svg/icons/facebook.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/modules/core.11bfb520.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/modules/core.11bfb520.js Origin https://provce.ck.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 20545 content-encoding br alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"3c6ccaafe275b5b477d0400b5847bbce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84veb5pQqokPs%2FkEqpqBlXCYdJITJ5ldjEw9rF5uSgPxdPjLPY8mkdRvik4IJPpbTK%2B1hzrdoA%2FQumzZrHRWT6Nie0HP%2BpPIgosNXZU%2BryOgMcdKJ8eHlokaglo37XsG6EMFy7GgQCJFpH9JtCAwbzkY"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=7776000, stale-while-revalidate=30, public cf-ray 82ae969c0efa9b82-FRA
GET H3	200	telegram.js Show response static.addtoany.com/menu/svg/icons/	360 B 796 B	203ms 111ms	Script application/javascript	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/svg/icons/telegram.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/modules/core.11bfb520.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/modules/core.11bfb520.js Origin https://provce.ck.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 25038 content-encoding br alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"fb47b4f6548b6499923a1beed7472419" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd6u01VQ0wzTtOlz4ZtYnjfeyrJwlYKk6vLWOXRL85bqkAwQ2WP59B%2Bx%2Bs26qQFaq0Xy50cuAwLKZs02AGOWc0QOW%2FxHTyzyyXLFXhmYt9EhGLoK3dP6V70oJj3mZDAx4MF8fHfjxT1KZimDY%2B%2B6%2BCks"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=7776000, stale-while-revalidate=30, public cf-ray 82ae969c0efd9b82-FRA
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	468 KB 188 KB	514ms 30ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://provce.ck.ua/ Origin https://provce.ck.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 08:55:04 GMT content-encoding gzip x-content-type-options nosniff age 67080 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192016 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 22 Nov 2024 08:55:04 GMT
GET H2	200	wp-emoji-release.min.js Show response provce.ck.ua/wp-includes/js/	18 KB 5 KB	204ms 7ms	Script application/javascript	178.20.157.46 FREEHOST
General Check archive.org Show headers Download Go to Full URL https://provce.ck.ua/wp-includes/js/wp-emoji-release.min.js Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.20.157.46 Kyiv, Ukraine, ASN42331 (FREEHOST, UA), Reverse DNS cf1297459.freehost.com.ua Software nginx / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/wp-c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT content-encoding gzip last-modified Wed, 04 Oct 2023 19:44:09 GMT server nginx etag W/"651dc089-4904" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	sm.24.html Show response static.addtoany.com/menu/ Frame BADE	677 B 929 B	173ms 58ms	Document text/html	2606:4700:10::6816:47c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/sm.24.html Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-content/cache/autoptimize/js/autoptimize_c3bdee96711ad9a0c1effb80838f02f2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 24065 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000, immutable cf-cache-status HIT cf-ray 82ae969e8bc66aea-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 24 Nov 2023 03:33:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVtfPG0gTQkowAP2ouniOfqOfOFpRGb3yV0A5SJKtEGb3YC8yYkFgIcUAyf%2F9Vn%2BuPsu8urjL78DHbEL1y%2FN4v5a%2BhoIUOUd2NFGcETkTDGfTxC4SV7u7KbwvO4VYs%2BgGW%2Fa9FRc"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/	397 KB 134 KB	171ms 50ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9868541834033166&plah=provce.ck.ua&bust=31079654 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 102a0b94c5ca9c59af9350da5de3d1d86f431033dec3036436ad858821005593 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137189 x-xss-protection 0 server cafe etag 6571918571470148045 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 24 Nov 2023 03:33:04 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4C4C	9 KB 4 KB	333ms 14ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 20144 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 23 Nov 2023 21:57:20 GMT etag 16674218716276178799 expires Thu, 07 Dec 2023 21:57:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	tracking.js Show response px.adhigh.net/p/ Redirect Chain https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fpro... https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fpro...	636 B 748 B	218ms 136ms	Script text/javascript	194.190.76.45 UMA-TECH-AS
General Check archive.org Show headers Download Go to Full URL https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&rf=&pl=443304750&bounced=1 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Server 194.190.76.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash 37369807da8cbf29a6dc2d96dcc954969b864f6c1554ec9ded471020e881ae6a Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:04 GMT content-encoding gzip server nginx x-backend-id f23-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * content-type text/javascript;charset=utf-8 cache-control no-cache, no-store access-control-allow-credentials true content-length 439 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 24 Nov 2023 03:33:04 GMT server nginx x-backend-id f23-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * location https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&rf=&pl=443304750&bounced=1 cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 220 B	127ms 26ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1064253867&t=pageview&_s=1&dl=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&ul=en-us&de=UTF-8&dt=%D0%A1%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D1%83%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=803767906&gjid=735891318&cid=1246306718.1700796784&tid=UA-91419956-1&_gid=548804443.1700796784&_r=1&_slc=1&z=833435660 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1d1027bebfb9e442f773c864e0edcdea4058e0cc97450370282db7ed957e03c9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://provce.ck.ua/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://provce.ck.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 347 B	306ms 39ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-91419956-1&cid=1246306718.1700796784&jid=803767906&gjid=735891318&_gid=548804443.1700796784&_u=IEBAAEAAAAAAACAAI~&z=964442490 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://provce.ck.ua/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 24 Nov 2023 03:33:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://provce.ck.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	230 KB 82 KB	332ms 50ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-X70YZZ6J6R&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 15cca66a528171d240cd17338d09e670239c5654fafb5eb02bb686216de80aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83256 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 Nov 2023 03:33:04 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0DE3	603 B 245 B	96ms 65ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9868541834033166&output=html&adk=1812271804&adf=3025194257&lmt=1700796784&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700796784387&bpp=7&bdt=1150&idt=501&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7835380282111&frm=20&pv=2&ga_vid=1246306718.1700796784&ga_sid=1700796785&ga_hid=1064253867&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C31079654%2C44806139%2C44807763%2C44808149%2C44808284%2C44809053%2C44809072%2C318512601&oid=2&pvsid=461263822566519&tmod=1279930786&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=548 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9868541834033166&plah=provce.ck.ua&bust=31079654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 24 Nov 2023 03:33:05 GMT expires Fri, 24 Nov 2023 03:33:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 296 B	82ms 60ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91419956-1&cid=1246306718.1700796784&jid=803767906&_u=IEBAAEAAAAAAACAAI~&z=679282293 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	238ms 64ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91419956-1&cid=1246306718.1700796784&jid=803767906&_u=IEBAAEAAAAAAACAAI~&z=679282293 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync.html Show response px.adhigh.net/p/ Frame 989F	5 KB 4 KB	65ms 47ms	Document text/html	194.190.76.45 UMA-TECH-AS
General Check archive.org Show headers Download Go to Full URL https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/tracking.js?site_id=5304&trk=&product_id=&product_price=&category_id=&user_data=&pixel_id=partiya_track&scr=1600x1200x24&uit=1700796784454&ifr=0&tz=-60&url=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&rf=&pl=443304750 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.190.76.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash 298d044834c289fa84d9b9623bb3bd3881f536f7e3d14716d3d2cdf2e72f4e8c Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * cache-control no-cache no-store content-encoding gzip content-length 1094 content-type text/html;charset=utf-8 date Fri, 24 Nov 2023 03:33:04 GMT expires Thu, 01 Jan 1970 00:00:00 GMT p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" pragma no-cache server nginx x-backend-id f23-ru
GET H2	200	usersync ssp.bidvol.com/ Frame 989F	0 443 B	188ms 29ms	Image text/plain	65.109.65.187 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.bidvol.com/usersync?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&dspcsid=142 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 65.109.65.187 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.187.65.109.65.clients.your-server.de Software nginx/1.22.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx/1.22.0 surrogate-control no-store vary Origin access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials true x-request-id fc322d8a-3a54-42fe-964f-c7411033588c expires 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 989F	42 B 201 B	346ms 66ms	Image image/gif	81.222.128.214 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=112&external_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad14.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 03:33:05 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET		p.gif matching.mobilebanner.ru/ Frame 989F	0 0
GET H2	200	sync sync.viavideo.digital/tools/ Frame 989F	43 B 461 B	189ms 2ms	Image image/gif	141.94.202.176 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sync.viavideo.digital/tools/sync?dsp=5&uid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.94.202.176 , France, ASN16276 (OVH, FR), Reverse DNS ns31491888.ip-141-94-202.eu Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT last-modified Fri, 24 Nov 2023 03:33:05 GMT server nginx access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true access-control-allow-headers Content-Type, Accept content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	cm match.ohmy.bid/ Frame 989F	44 B 302 B	123ms 14ms	Image image/gif	167.235.14.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://match.ohmy.bid/cm?dsp_id=49&uid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 167.235.14.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.14.235.167.clients.your-server.de Software nginx / Resource Hash 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT content-encoding gzip access-control-allow-credentials true server nginx bidder bid-25 content-length 58 content-type image/gif
GET		/ u8r2osdzz5fy.aikablgl_2nfxw.analytics.tele2.ru/ Frame 989F	0 0
GET H2	200	match.gif instreamvideo.ru/core/ Frame 989F	43 B 412 B	213ms 23ms	Image image/gif	2a02:2d8:0:1025::29 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://instreamvideo.ru/core/match.gif?s=7&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2d8:0:1025::29 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx/1.24.0 p3p policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA content-type image/gif cache-control no-cache, max-age=0, must-revalidate, no-store alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 43 expires Thursday, 01-Jan-1970 00:00:00 GMT
GET H2	204	/ d4fa8c8360457c809f77e787ef434d-f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/ Frame 989F Redirect Chain https://f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://d4fa8c8360457c809f77e787ef434d-f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw	0 259 B	134ms 80ms	Image text/plain	37.9.245.57 BEE-AS Russia
General Check archive.org Show headers Download Go to Show image Full URL https://d4fa8c8360457c809f77e787ef434d-f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT x-route http://upstream_ops_beeline3 access-control-allow-credentials true x-host 192.168.152.31 server nginx access-control-allow-headers Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT access-control-allow-methods GET, HEAD, POST, OPTIONS, PUT, DELETE Redirect headers date Fri, 24 Nov 2023 03:33:05 GMT x-route http://upstream_ops_beeline3 server nginx access-control-allow-methods GET, HEAD, POST, OPTIONS, PUT, DELETE location https://d4fa8c8360457c809f77e787ef434d-f33d35f3c4854e9fbeb8b00a848ea73a.ops.beeline.ru/?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw access-control-allow-credentials true x-host 192.168.152.31 access-control-allow-headers Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT content-length 0
GET H2	200	qvntstr px.adhigh.net/p/cm/ Frame 989F Redirect Chain https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&ru=https%3A%2F%2Fpx.adhigh.net%2Fp%2Fcm%... https://px.adhigh.net/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw	49 B 326 B	73ms 71ms	Image image/gif	194.190.76.45 UMA-TECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.adhigh.net/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 194.190.76.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx x-backend-id f23-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store access-control-allow-credentials true content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache, no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD location https://px.adhigh.net/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With content-length 0 expires 0
GET H2	200	91 svr.adstreamer.ru/v.php/ Frame 989F	0 375 B	264ms 48ms	Image text/plain	91.107.86.116 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://svr.adstreamer.ru/v.php/91?a=e&u=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.107.86.116 , Canada, ASN61400 (NETRACK-AS, RU), Reverse DNS Software nginx/1.23.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin date Fri, 24 Nov 2023 03:33:05 GMT access-control-allow-credentials true server nginx/1.23.3 content-length 0 vary Origin
GET H/1.1	204 No Content	p.gif const.uno/ Frame 989F	0 143 B	207ms 50ms	Image text/plain	95.163.84.7 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://const.uno/p.gif?p=32&r=2&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.84.7 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 03:33:05 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive
GET H2	200	/ 1017--u8r2osdzz5fy.aikablgl_2nfxw.stbid.ru/ Frame 989F	43 B 197 B	503ms 56ms	Image image/gif	92.63.98.236 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://1017--u8r2osdzz5fy.aikablgl_2nfxw.stbid.ru/ Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 92.63.98.236 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS sync11.stbid.ru Software nginx/1.24.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Fri, 24 Nov 2023 03:33:05 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.24.0 content-length 43 access-control-allow-methods GET, POST, OPTIONS content-type image/gif
GET H2	200	/ tms.dmp.wi-fi.ru/ Frame 989F Redirect Chain https://id.uma.media/return?to=https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&_uma_cid=oZfoAXEZYGUP0XtmfmGUHw	35 B 606 B	80ms 75ms	Image image/gif	91.220.120.9 MAXIMATELECOM
General Check archive.org Show headers Download Go to Show image Full URL https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&_uma_cid=oZfoAXEZYGUP0XtmfmGUHw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 91.220.120.9 , Russian Federation, ASN202173 (MAXIMATELECOM, RU), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With content-length 35 expires 0 Redirect headers Date Fri, 24 Nov 2023 03:33:05 GMT X-Uma-Cid oZfoAXEZYGUP0XtmfmGUHw Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, OPTIONS Content-Type text/html Location https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&_uma_cid=oZfoAXEZYGUP0XtmfmGUHw Access-Control-Allow-Credentials true Connection keep-alive Content-Length 138
GET H2	204	getintent sync.dmp.otm-r.com/match/ Frame 989F	0 69 B	88ms 15ms	Image text/plain	148.251.4.142 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/getintent?id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 148.251.4.142 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.142.4.251.148.clients.your-server.de Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Fri, 24 Nov 2023 03:33:05 GMT server nginx/1.17.6
GET H2	204	0.gif x01.aidata.io/ Frame 989F Redirect Chain https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&bounce=1	0 433 B	53ms 51ms	Image text/plain	89.108.119.43 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&bounce=1 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51370.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT last-modified Fri, 24 Nov 2023 03:33:04 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Fri, 24 Nov 2023 03:33:04 GMT Redirect headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT last-modified Fri, 24 Nov 2023 03:33:04 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://x01.aidata.io/0.gif?pid=GETINTENT&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&bounce=1 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Fri, 24 Nov 2023 03:33:04 GMT
GET H2	200	buzzoola px.adhigh.net/p/cm/ Frame 989F Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/getintent?redirect_url=https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw	49 B 326 B	60ms 44ms	Image image/gif	194.190.76.45 UMA-TECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 194.190.76.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server nginx x-backend-id f23-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store access-control-allow-credentials true content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://px.adhigh.net/p/cm/buzzoola?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw date Fri, 24 Nov 2023 03:33:05 GMT server nginx content-length 100 serverid TODO content-type text/html; charset=utf-8
GET H/1.1	200 OK	/ tech.punchmedia.ru/sync/ Frame 989F	0 0	225ms 57ms	Image application/json	45.141.77.10 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tech.punchmedia.ru/sync/?ps=getintent&pn=s02&pu=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 45.141.77.10 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/3164/i/ Frame 989F Redirect Chain https://dmg.digitaltarget.ru/1/3164/i/i?a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992 https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&ts=1700796785298&a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992	49 B 523 B	46ms 45ms	Image image/gif	185.15.175.146 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&ts=1700796785298&a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Server 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 03:33:05 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 49 X-XSS-Protection 1; mode=block Redirect headers Date Fri, 24 Nov 2023 03:33:05 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Max-Age 86400 Location https://dmg.digitaltarget.ru/awg/custom/3164/i/i?call_source=awg&ts=1700796785298&a=164&e=u8R2OsDZZ5FY.AikABlGL_2Nfxw&i=1700796784992 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	204	sync a.utraff.com/ Frame 989F	0 771 B	81ms 20ms	Image text/plain	2606:4700:3037::ac43:c087 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.utraff.com/sync?dsp=getintent&buyerid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:c087 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin access-control-allow-methods GET, POST, OPTIONS content-type text/plain report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M1RATwJOfkMVRKPMmNmefajsznCTefrBLQ7GZYWD9C9%2BlxWe%2BGP1mwG2%2BCCT6fxqn68X%2F5Ph6amJdcsJMr9Ef7OLYl7pVWqR5fe4P17xNCB2ELizSeet5PDmcc8PE9UHo2%2B3fx1t4DcLQk%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true cf-ray 82ae96a34866bbe5-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	pixel sync.paradocs.ru/ Frame 989F	35 B 339 B	233ms 61ms	Image image/gif	185.191.196.69 ESERVER
General Check archive.org Show headers Download Go to Show image Full URL https://sync.paradocs.ru/pixel?source=getintent&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.191.196.69 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 03:33:05 GMT Server nginx/1.18.0 (Ubuntu) Connection keep-alive Content-Length 35 Content-Type image/gif
GET H2	200	csync code.moviead55.ru/go/ Frame 989F	0 149 B	81ms 11ms	Image image/jpeg	193.200.65.151 GIVEME-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://code.moviead55.ru/go/csync?cn=gtnt&bid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.200.65.151 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL), Reverse DNS unallocated.giveme.network Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT x-movieads-country DE server nginx content-length 0 content-type image/jpeg
GET H2	200	ssp sync.videonow.ru/ Frame 989F	35 B 460 B	218ms 47ms	Image image/gif	212.76.131.50 MNOGOBYTE-AS Moscow
General Check archive.org Show headers Download Go to Show image Full URL https://sync.videonow.ru/ssp?dsp=3&uuid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU), Reverse DNS vs25.videonow.ru Software nginx / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT server nginx x-conn-req 1 vary Origin content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-conn-id 4217034 content-length 35
GET H2	200	match ads.betweendigital.com/ Frame 989F Redirect Chain https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&crf=1&rts=-2068580333402786732	68 B 598 B	258ms 211ms	Image image/png	203.195.121.142 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&crf=1&rts=-2068580333402786732 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=37&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&crf=1&rts=-2068580333402786732 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	cs rtb.moe.video/ Frame 989F	0 190 B	220ms 45ms	Image text/plain	188.124.47.43 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.moe.video/cs?d=9&b=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.124.47.43 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 version v1.2.2
GET H2	200	getIntent prodmp.ru/ Frame 989F	0 230 B	232ms 56ms	Image text/html	193.106.92.202 ITSOFT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prodmp.ru/getIntent?uid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU), Reverse DNS rav4ever.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Fri, 24 Nov 2023 03:33:05 GMT access-control-allow-credentials true server nginx content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	400	sync a.qvol.tv/ Frame 989F Redirect Chain https://kimberlite.io/rtb/sync/getintent?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZWAZcQP_xWM https://vma.mts.ru/match/second?ssp=59&exu=ZWAZcQP_xWM https://tech.rtb.mts.ru/?dsp_uid=fdf6aa04-e741-4992-a559-f00ab5af08f5&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59... https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=EGq4MSXJHaer https://kimberlite.io/rtb/sync/mts?u=fdf6aa04-e741-4992-a559-f00ab5af08f5 https://a.qvol.tv/sync?ssp=83&id=ZWAZcQP_xWM	0 633 B	212ms 0ms	Image text/plain	2606:4700:3032::ac43:df5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.qvol.tv/sync?ssp=83&id=ZWAZcQP_xWM Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 2606:4700:3032::ac43:df5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:06 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET, POST, OPTIONS content-type text/plain report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Str0RFuSXMb5dM2sL67dIjTidISznWNARr7aOotJ5v%2BYQLLrXbsjKRU2z4LDd9Uv20uwLb4kDIOCuh4Z2sDFRQQl6NCGE%2Bk9dGTUWoCmuptsd4l1%2F4YVWeKokFYv56VtkscG9kq19O4%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true x-error unknown ssp cf-ray 82ae96aeada92c7d-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization alt-svc h3=":443"; ma=86400 Redirect headers Date Fri, 24 Nov 2023 03:33:06 GMT referrer-policy no-referrer Server nginx access-control-allow-origin * location https://a.qvol.tv/sync?ssp=83&id=ZWAZcQP_xWM cache-control no-store access-control-allow-credentials true Connection keep-alive server-timing app;srv=6;dur=0.0002 Content-Length 0
GET H2	200	match acint.net/ Frame 989F Redirect Chain https://acint.net/match?dp=17&euid=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://acint.net/match?dp=17&tc=1&euid=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 https://acint.net/match?dp=14&euid=3A03420A711960650501159E0217C6AC	43 B 269 B	50ms 48ms	Image image/gif	193.3.184.135 QWARTA
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=14&euid=3A03420A711960650501159E0217C6AC Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU), Reverse DNS asrv319.qwarta.ru Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Fri, 24 Nov 2023 03:33:05 GMT Server openresty Access-Control-Allow-Methods GET P3P CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" Access-Control-Allow-Origin * Location https://acint.net/match?dp=14&euid=3A03420A711960650501159E0217C6AC Content-Type text/html Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Length 142 Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	csync ads.adlook.me/ Frame 989F	43 B 43 B	216ms 45ms	Image application/json	5.200.44.122 ITGRAD
General Check archive.org Show headers Download Go to Show image Full URL https://ads.adlook.me/csync?pid=gi&uid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.200.44.122 , Russian Federation, ASN48096 (ITGRAD, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:05 GMT server Microsoft-IIS/10.0 content-length 43 content-type application/json
GET H/1.1	200 OK	user-sync sync.adkernel.com/ Frame 989F	42 B 228 B	78ms 17ms	Image image/gif	77.245.57.72 WEBAIR-INTERNET-MTL
General Check archive.org Show headers Download Go to Show image Full URL https://sync.adkernel.com/user-sync?dsp=37&t=image&uid=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Fri, 24 Nov 2023 03:33:05 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection close Content-Length 42
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 989F Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw https://dsum-sec.casalemedia.com/rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&C=1	43 B 333 B	36ms 17ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&C=1 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSx0JB0eb1nt02R1g1kiFeBzYsibSqSi7THlhBXi69fix3bZxUz5Va5wNFZ%2F2d1RNax3DeyiUVQ3%2FkmpREttRjozJUSxiXKd8XXCeggyVNDBRl2HzP0Up15bfbbmrpp6FiI3LS6MpNM3ew%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82ae96a38b2535e1-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsw%2B5%2BK3D2dJZujY52cBH%2BfeGDzkcHVuDMkdZotDlw2DV2N7bKNqjKpMZHHBQ7VnAjgfuBcbQzmMZbaACoBF0SLB8sQdUE0Lrl9O2GX6NioezY2v2vzUarwJjlwd%2Bvt1lRAcxW6GyZI9pA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=113&external_user_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&C=1 cache-control no-cache cf-ray 82ae96a34aee35e1-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET		qvntstr px.adhit/p/cm/ Frame 989F Redirect Chain https://id.uma.media/return?to=https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z= https://px.adhigh.net/p/cm/uma_cid_store?a=b&b=c&z=&_uma_cid=oZfoAXEZYGVHuLOSlSojnw https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&d_evid=fafb6b76-fede-405c-b6ee-e5fb99e1d004&gi_id=u8R2OsDZZ5FY.AikABlGL_2Nfxw&ru=https%3A%2F%2Fpx.adhit%2Fp%2Fcm%2Fqvntstr%... https://px.adhit/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw	0 0
GET H2	200	u8R2OsDZZ5FY.AikABlGL_2Nfxw an.yandex.ru/mapuid/getintentis/ Frame 989F Redirect Chain https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw?redir-setuniq=1	43 B 108 B	63ms 62ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw?redir-setuniq=1 Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Fri, 24 Nov 2023 03:33:05 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Fri, 24 Nov 2023 03:33:05 GMT Redirect headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Fri, 24 Nov 2023 03:33:05 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/getintentis/u8R2OsDZZ5FY.AikABlGL_2Nfxw?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Fri, 24 Nov 2023 03:33:05 GMT
GET H/1.1	204 No Content	p.gif const.uno/ Frame 989F	0 143 B	209ms 51ms	Image text/plain	95.163.84.7 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://const.uno/p.gif?p=38&r=2&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw Requested by Host: px.adhigh.net URL: https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.84.7 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://px.adhigh.net/p/sync.html?u=u8R2OsDZZ5FY.AikABlGL_2Nfxw&l=bidvol,adriver,quiet_media,vibevideo,ohmybid,gpmdata_stid3,traffaret,gpmdata_stid4,qvnt,adstreamer,gpmdata_stid1,gpmdata_stid2,gpmdata,otm_video,aidata,buzzoola,punchmedia,amberdata,umg,paradocs,skyadvert,videonow,btw,moevideo,adspend,solta,sape,adlook,xapads,indexexchange,uma_cid_init,yandexssp,quiet_media_2&site_id=5304 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 03:33:05 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive
POST H2	204	collect region1.analytics.google.com/g/	0 252 B	154ms 34ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-X70YZZ6J6R&gtm=45je3b81v9135343403&_p=1700796784623&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1246306718.1700796784&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fprovce.ck.ua%2Fwp-c&dt=%D0%A1%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D1%83%20%D0%BD%D0%B5%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE&sid=1700796785&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2663 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X70YZZ6J6R&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://provce.ck.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	62ms 52ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X70YZZ6J6R&cid=1246306718.1700796784&gtm=45je3b81v9135343403&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X70YZZ6J6R&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://provce.ck.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	77ms 69ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X70YZZ6J6R&cid=1246306718.1700796784&gtm=45je3b81v9135343403&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=279696569 Requested by Host: provce.ck.ua URL: https://provce.ck.ua/wp-c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://provce.ck.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 24 Nov 2023 03:33:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame F119	61 KB 34 KB	109ms 95ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 145f99f013372fc3cce2858aa492c1c531cb707e34145fea955953c75d9903af Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BOydmR4Iyf9fz5lP989tkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-BOydmR4Iyf9fz5lP989tkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 24 Nov 2023 03:33:05 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F119	55 KB 24 KB	183ms 57ms	Stylesheet text/css	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 01:21:00 GMT content-encoding gzip x-content-type-options nosniff age 7925 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 01:21:00 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F119	468 KB 188 KB	178ms 54ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 08:55:04 GMT content-encoding gzip x-content-type-options nosniff age 67081 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192016 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 22 Nov 2024 08:55:04 GMT
GET DATA	200 OK	truncated / Frame F119	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame F119	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame F119	2 KB 2 KB	104ms 94ms	Image image/png	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 20:04:28 GMT x-content-type-options nosniff age 286117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 27 Nov 2023 20:04:28 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F119	15 KB 16 KB	342ms 12ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 23:26:56 GMT x-content-type-options nosniff age 14770 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 23:26:56 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame F119	102 B 135 B	152ms 122ms	Other text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm&co=aHR0cHM6Ly9wcm92Y2UuY2sudWE6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=z1ezyppy77qa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:33:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 24 Nov 2023 03:33:06 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 6877	7 KB 1 KB	123ms 79ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d5c5d67d7ea0c25eb440ca1f32921275a48ef6186947a2d7fc930b02561bb6f7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-K0218jKQfACRzU6lg8wFtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://provce.ck.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-K0218jKQfACRzU6lg8wFtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 24 Nov 2023 03:33:06 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6877	55 KB 24 KB	137ms 98ms	Stylesheet text/css	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 01:21:00 GMT content-encoding gzip x-content-type-options nosniff age 7927 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 01:21:00 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6877	468 KB 188 KB	138ms 99ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfywhQUAAAAAKP9kTHnlDZeS2tEf4RmBQS1wpQm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 08:55:04 GMT content-encoding gzip x-content-type-options nosniff age 67083 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192016 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 22 Nov 2024 08:55:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

matching.mobilebanner.ru

URL

https://matching.mobilebanner.ru/p.gif?pid=getintent-qm&id=u8R2OsDZZ5FY.AikABlGL_2Nfxw

Domain

u8r2osdzz5fy.aikablgl_2nfxw.analytics.tele2.ru

URL

https://u8r2osdzz5fy.aikablgl_2nfxw.analytics.tele2.ru/

Domain

px.adhit

URL

https://px.adhit/p/cm/qvntstr?u=E5eXz5JcSSKtQgZQwzIbtw