jweinercpas.com Open in urlscan Pro
2606:4700:3032::6815:30db Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jweinercpas.com/
Submission: On December 10 via api (December 10th 2023, 1:07:39 am UTC) from US — Scanned from US

Summary HTTP 98 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 50 domains to perform 98 HTTP transactions. The main IP is 2606:4700:3032::6815:30db, located in United States and belongs to CLOUDFLARENET, US. The main domain is jweinercpas.com.
TLS certificate: Issued by E1 on December 5th 2023. Valid for: 3 months.

This is the only time jweinercpas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3032::6815:30db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.22.62.110 104.22.62.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.67.36.70 172.67.36.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
5	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2 17	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
5 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4 5	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
3 3	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	23.204.152.18 23.204.152.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	44.205.111.229 44.205.111.229	14618 (AMAZON-AES) (AMAZON-AES)
1	23.215.41.148 23.215.41.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.156.237.51 35.156.237.51	16509 (AMAZON-02) (AMAZON-02)
1 1	216.22.16.40 216.22.16.40	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	63.251.28.134 63.251.28.134	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	34.230.211.254 34.230.211.254	14618 (AMAZON-AES) (AMAZON-AES)
2	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	99.81.243.254 99.81.243.254	16509 (AMAZON-02) (AMAZON-02)
1	52.92.18.160 52.92.18.160	16509 (AMAZON-02) (AMAZON-02)
1	34.196.200.49 34.196.200.49	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.224.214.63 13.224.214.63	16509 (AMAZON-02) (AMAZON-02)
2 3	34.251.97.118 34.251.97.118	16509 (AMAZON-02) (AMAZON-02)
2 2	34.192.38.112 34.192.38.112	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.224.214.59 13.224.214.59	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.157.11.141 54.157.11.141	14618 (AMAZON-AES) (AMAZON-AES)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1	64.58.232.177 64.58.232.177	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
3 4	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.51.53.155 23.51.53.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:25c... 2600:9000:25c8:da00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	52.205.93.66 52.205.93.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	3.210.56.21 3.210.56.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
98	39

23 2606:4700:3032::6815:30db (United States)

ASN13335 (CLOUDFLARENET, US)

jweinercpas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.22.62.110 (None, )

ASN13335 (CLOUDFLARENET, US)

lift.opensnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.36.70 (United States)

ASN13335 (CLOUDFLARENET, US)

blizzard.opensnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.26 (Jersey City, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.162 (Plainview, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.65.202 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.18 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-18.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.205.111.229 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-111-229.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.41.148 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-41-148.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.237.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-237-51.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.40 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.134 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.174.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.211.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-211-254.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.69.85 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.243.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.18.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.200.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-200-49.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-63.phl50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.97.118 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-97-118.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.38.112 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-38-112.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.59 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-59.phl50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.157.11.141 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-11-141.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (Canada) 1 redirects

ASN13649 (ASN-FLEXENTIAL, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (Canada)

ASN13649 (ASN-FLEXENTIAL, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.119 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.53.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-53-155.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:da00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.93.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-93-66.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	jweinercpas.com jweinercpas.com	1011 KB
17	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6115 a2.adform.net — Cisco Umbrella Rank: 8098 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870	43 KB
16	opensnow.com lift.opensnow.com — Cisco Umbrella Rank: 276864 blizzard.opensnow.com — Cisco Umbrella Rank: 264178	3 MB
6	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	2 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	adsrvr.org 5 redirects insight.adsrvr.org — Cisco Umbrella Rank: 557 match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	72 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425	5 KB
4	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 666 ice.360yield.com — Cisco Umbrella Rank: 1817	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	877 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	707 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	159 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	720 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	629 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2473	491 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	790 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	839 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	817 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 token.rubiconproject.com — Cisco Umbrella Rank: 461	2 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1491	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	544 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	278 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 2579	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 1812	500 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	647 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	473 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	633 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	638 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	669 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	400 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	658 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 20484	467 B
98	50

	Domain	Requested by
23	jweinercpas.com	jweinercpas.com
11	blizzard.opensnow.com	jweinercpas.com
9	c1.adform.net	1 redirects a2.adform.net c1.adform.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com jweinercpas.com
5	lift.opensnow.com	jweinercpas.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	match.adsrvr.org	4 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	ad.360yield.com	1 redirects c1.adform.net
3	ups.analytics.yahoo.com	3 redirects
3	ib.adnxs.com	3 redirects
3	a2.adform.net	1 redirects jweinercpas.com s2.adform.net
3	www.googletagmanager.com	jweinercpas.com www.googletagmanager.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	s.amazon-adsystem.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	secure.adnxs.com	1 redirects c1.adform.net
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com jweinercpas.com
2	analytics.google.com	www.googletagmanager.com
1	www.google.com	jweinercpas.com
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	hb.yahoo.net	a2.adform.net
1	pixel.rubiconproject.com	1 redirects
1	insight.adsrvr.org	1 redirects
1	a1.seadform.net	jweinercpas.com
1	s2.adform.net	jweinercpas.com
98	61

This site contains links to these domains. Also see Links.

Domain
support.opensnow.com
lift.opensnow.com
open.spotify.com
opensnow.com
shop.opensnow.com
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
x.com
www.youtube.com

Subject Issuer	Validity	Valid
jweinercpas.com E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
lift.opensnow.com E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://jweinercpas.com/
Frame ID: 311378E7A6742F4A87F5EEBC4C52631D
Requests: 56 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1746399995&cpref=&loc=https%3a%2f%2fjweinercpas.com%2f
Frame ID: 723BFE0471D81EF7BE01E478FD3455A8
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Frame ID: 5E6F65CEF41AC093A6FFC20453832435
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OpenSnow: Weather Forecasts & Snow Reports | OpenSnow

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

98
Requests

73 %
HTTPS

17 %
IPv6

50
Domains

61
Subdomains

39
IPs

7
Countries

4344 kB
Transfer

6972 kB
Size

78
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://support.opensnow.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385681189a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Email Storm Updates

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385683119a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite Ski Resort List

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1638569439626994d88c643b194c5f1f55e17d141c.png
Title: Full Daily Snow Forecast

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1639055555626994d88c643b194c5f1f55e17d141c.png
Title: 10-Day Snow Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16713760949a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Save Forecasts Anywhere on Earth

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385698009a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: 5-Day Hourly Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385683999a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Favorite Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385690709a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: High-Resolution Weather Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811662459a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: 10-Day Historical Weather

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385699198266e4bfeda1bd42d8f9794eb4ea0a13.png
Title: Custom Powder Alerts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385700479a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite & Offline Trail Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811665129a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Season Snowfall

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16390567909a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite & Timelapse Cams

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385705249a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Snowpack Graphs

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1638570541626994d88c643b194c5f1f55e17d141c.png
Title: Historical Snow Reports

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811663859a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Estimated Trail Conditions

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16717348999a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Offline Satellite & Terrain Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385679979a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Hourly Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385685089a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Forecasts for Mountains

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385686049a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Expert Forecasters

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385688349a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Day & Night Snow Forecast

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385711709a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Backcountry Snow Reports

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385708499a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Forecast & Report Alerts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385695689a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Nearby Ski Resorts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385695089a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Season Passes

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16390568869a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Snow Stake Cams

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385682079a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Offline Trail Maps

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/getting-started
Title: Getting Started

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/feature-guides
Title: Feature Guides

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/2hDI6YOg6PLXUKYoOrWV1s?si=dVM_oEi6TfmqlyHmzLEqVw&nd=1
Title: Flakes Podcast

Search URL Search Domain Scan URL

URL: https://opensnow.com/news/post/opensnow-electricity-usage-100-renewable
Title: Climate

Search URL Search Domain Scan URL

URL: https://shop.opensnow.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/contact-us/advertising-on-opensnow
Title: Advertise

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/opensnow-ski-forecasts-reports/id780890907?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.opensnow.android

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OpenSnow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opensnow/

Search URL Search Domain Scan URL

URL: https://x.com/OpenSnow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Open-Snow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 52

https://insight.adsrvr.org/track/pxl/?adv=s0gqw47&ct=0:md2k8zv&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dff094ad5-1b6e-4eef-a7a6-6ea4e8e14307 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4484452793607810155&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZmYwOTRhZDUtMWI2ZS00ZWVmLWE3YTYtNmVhNGU4ZTE0MzA3&gdpr=0&gdpr_consent=&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&google_gid=CAESEPtKI2irxf4D5ngvXHs8FIY&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nWW8uWTg1RTJ1RUo5NG5VSGc3SGZORF9MY1EzWU5sMH5B&gdpr=0&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&dpid=55953

Request Chain 57

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053

Request Chain 61

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6859813466597183067&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=4043832771957662571

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=70&user_id=6859813466597183067 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6859813466597183067 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=4ce94e8b-2a83-4b17-a9ad-580a0b63b7cd&gdpr=&gdpr_consent=

Request Chain 64

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053&C=1

Request Chain 65

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external

Request Chain 66

https://ps.eyeota.net/match?uid=6859813466597183067&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=6859813466597183067&bid=9gdtmu1

Request Chain 67

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6859813466597183067 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6859813466597183067&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 68

https://idsync.rlcdn.com/398366.gif?partner_uid=6859813466597183067 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjg1OTgxMzQ2NjU5NzE4MzA2NxAAGg0I1Z7UqwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753&expected_cookie=8bb32ceb-d3b5-47fd-ad3e-7470766336c4

Request Chain 69

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent=

Request Chain 71

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6859813466597183067 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6859813466597183067

Request Chain 72

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Njg1OTgxMzQ2NjU5NzE4MzA2Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Njg1OTgxMzQ2NjU5NzE4MzA2Nw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKa7aJjGd4vpAez0VeRKVPs&google_cver=1&google_ula=1641347,0

Request Chain 76

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=4484452793607810155&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6859813466597183067

Request Chain 79

https://a.audrte.com/a?adform_uid=6859813466597183067 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGw2MmdidXhTU2FTUm1mMjJJTmhSZU8zdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 80

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6859813466597183067&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6859813466597183067&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=14109943346109674224416279917144768776&noredirect=1

Request Chain 81

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6859813466597183067 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212690604726000647614

Request Chain 82

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766432153958549

Request Chain 84

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=jaxpJmvf1Rc8ia5

Request Chain 85

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307

Request Chain 86

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6859813466597183067 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6859813466597183067

Request Chain 87

https://id5-sync.com/s/10/0.gif?puid=6859813466597183067 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6859813466597183067&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b907a52EJ3cfuAdHRt93pBayVfQJN3UkOs0yuz7MFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=f142ff9f-8a71-4277-9c5e-dc9b6cdb9899&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/0/3.gif?puid=4484452793607810155&gdpr=0&gdpr_consent=

Request Chain 88

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=603661127 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=J2Bi3bN1QfffnvJJp993ZO

Request Chain 90

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6859813466597183067 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent=&dcc=t

Request Chain 93

https://eb2.3lift.com/xuid?mid=7354&xuid=6859813466597183067&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6859813466597183067&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jweinercpas.com/ 249 KB
42 KB 278ms
189ms Document
text/html 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1e289c88271062a8795449bbd1271584a33681928e6880f17274212bc92b27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8331976d8d414bbb-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 01:07:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Bp0G48hf8Onut3WOm3pZZC3D5VRbYOiRAnrUP6DFlK9NM8exJMMwQTt8FizdEqNE27ezULGF5ayKFJM1ZquKtmRYb3YmW1R2xydNj1pYt8%2FjsQr9dXXCpGWRU7gJiB2rVnWe7GYTHYwxUnhN1M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding

GET
H2 200 9dd2bc8.modern.js Show response
jweinercpas.com/_nuxt/ 7 KB
4 KB 56ms
50ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5aeb8c8c0267952aab0edcdbcaca676f1e7fea4dc7494f61eed3187a3bd0cf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a84-18c26def052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiSfaYx2bgT9mu2yM36m7GX78G4%2FQwUiUNhMQhwKs0NEcypt%2BBNU99FcFfqx4fo3Ocm65RtC6LzxnxyD8j%2BqL4k5wrnJ%2FpoZR1g%2FhzBPxKOuVZtk%2BhJMTbrDBT4sfeJoBk%2Fn8nlKGPqHGLCmWMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd34bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 df01377.modern.js Show response
jweinercpas.com/_nuxt/ 238 KB
83 KB 98ms
92ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/df01377.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c51d4cce1b3d937dd07e5f0069956444009219cbcb84ce64c4e3f424129b37f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b8de-18c26def02e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JqbxS7BGt2Tv%2BifEkQplYsT7qyUQFRWkS%2B6b05JDAQREyfZcfzMnv08MzzPek6SE7K5NzIp9TuRLG%2F6OPhXgaUP4%2FZq0ohbhBm3svkY4YOSy1N2FwyRCPuyrHpMsT%2FoaCmVKMy6jdncrjtf0lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd44bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 0c5590b.modern.js Show response
jweinercpas.com/_nuxt/ 2 MB
540 KB 97ms
91ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/0c5590b.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1fc549c6d8e6989bf6f99b7f6d8c37ec37a308d56443916e32acac5b700d0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d9598-18c26def052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e2yOuqPZ2KAnieZjMWJJu2iqyYBPUp%2F0m2hYJJYX09fIYufX8QfsGtltatWNIuexEmZ9urqvAo7bey00QqHHEES76i0R0xmCzf8VnUlKMMOgv3MxVQOcPJNAWJqo064LJTRlPaYkQbRt04AI94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd64bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 2d5f4e5.modern.js Show response
jweinercpas.com/_nuxt/ 276 KB
68 KB 63ms
58ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/2d5f4e5.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5315d79b321941d03af635d0245c1611641b3d340b4c209d2ee285656b59331

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"450e4-18c26def02e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgvQs%2FiJHAQm9gpUnBTw0nty6R9Qb6AmKxe46faf3GLUvXfK5u7GkaCNJQfL2WUFIx4YOVy48Yi6cmK3ILkXJ3Ws3CFvsFQpOYXl4qmRGvY6UEUf313eLXCsRRiQscbkV9ZZduJBzdj8CiRIhvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd74bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 93f62bb.modern.js Show response
jweinercpas.com/_nuxt/ 601 B
711 B 56ms
51ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/93f62bb.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f0e091355582c24408b588172b53b25fe4313597dd1b3ed12bdd912ecdd752

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"259-18c26def042"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXaKEPCEB5NZ7sFPwuJcamWyN%2FZPHVlz7HzFUgPd7G%2Bcp5ZFNs%2F1q6ZYI2NsaAuOmilmH%2F2IS%2Fvh4Ftofs2I%2BlNB4KRg23KM7lcZOAP9Cgy3cXSO621sVataMNuO74skQfh7JkJJO4t7OmFhmOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd84bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 65e7b16.modern.js Show response
jweinercpas.com/_nuxt/ 15 KB
5 KB 56ms
51ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/65e7b16.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ca0ce3e768c90fe2293f173d7b9194fb3c341c2054f4a14a211e0aec7a99dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d3c-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lC8NivoDicbOCb0AfwSh1V5qoKnnsL0eEBt7iveAYj2g5gS6h4m1IrPVGcOEbEcgGtLopPA%2BWzxNpY45cpPdNp1dYrKhCR2KNEfHNlPf3sP7JvXYqkY2jG1OnZunTq23ygmIiOQB9PddTTpJhNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdd94bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 badea62.modern.js Show response
jweinercpas.com/_nuxt/ 26 KB
7 KB 54ms
49ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/badea62.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848f214321332e0760959f6238b9ae525b43efbbb86cd6b2ea8651a91314a0ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"69e9-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kilBBVTS4WfZFrZpCQNPo%2BD1KFQ%2FJBse768rKJnQLHQ48SSGvAl%2FwNU1uE125yhMRcSUEAaUuh0ayyIX9gL8gAl8u5egrYtt8tPYGwFX%2BUsWqPJJIW%2FVMNKpsufLB3n3oSypXRl7vBn4%2BBiBw%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecdda4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 0450f27.modern.js Show response
jweinercpas.com/_nuxt/ 35 KB
10 KB 57ms
52ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/0450f27.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403e2888f51e94d47e2036cecf5c185aa50e749f793860f6f1f9ec795babbca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8a71-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DkfsaqOeVF5W4GRbMT1tCrV2%2FCJe%2BwId9kVG8CLhp%2Fy%2FESTpvUuVDzaF71PmmrfU5I1HkUSe7LRx7DvZUXfblIDkQWQa%2BAT%2FwoBEF%2FmpnAtHBIRw9GWP1NMMw315wbZczF2l6T7lV9xtonC5Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 8331976ecddb4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 OpenSnowLogo.7fe2d19.png
jweinercpas.com/_nuxt/img/ 8 KB
8 KB 70ms
60ms Image
image/png 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jweinercpas.com/_nuxt/img/OpenSnowLogo.7fe2d19.png
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e11547653298afecff82a44a6a4e43c66a8d0ff42c95f4dfdb8506c593f360

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"202b-18c26def026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RECwyBDRjlEuDSjcKpRrdWROF6VzKXF8ATd%2BRuBOpdLO3M1L9dnVmrwGO59MOotZRUnCPvUsmHE3KJgGAfuM6ir7dBfdsgfoJWyonMTpbg09Yqw6FLw8zFzzXZWB75UrK4O9xDLUn6mHMY53GCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f2df74bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 8235

GET
H2 200 16717374939a83e00ab16be8cb1008e67fdbdbfeb4.png
lift.opensnow.com/hosted-files/ 289 KB
289 KB 156ms
71ms Image
image/png 104.22.62.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16717374939a83e00ab16be8cb1008e67fdbdbfeb4.png

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.62.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18fabf6388c12071b501c47d4fb577d69ebd92e4d2a366b597169326c568b4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000000000006e191114-0065659693-4d35fff7-nyc3b
cf-polished: origSize=301149, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 295531
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 14:38:32 GMT
server: cloudflare
etag: "ccd4da9799f7f8965fd27a0d73f4b58d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8331976fab1139fd-YYZ

GET
H2 200 16713760949a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png
lift.opensnow.com/hosted-files/ 291 KB
292 KB 193ms
110ms Image
image/png 104.22.62.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16713760949a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.62.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65edc71d51741e0f98b68e5b2bcc4bd9b128e0c45b9a9261b8080246073700fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx000000000000070351c6e-006567d02d-4d30364f-nyc3b
cf-polished: origSize=301187, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 298272
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "9b37da1eaf4d7c34b213a19f9f57383f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8331976fab1a39fd-YYZ

GET
H2 200 16714083499a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png
lift.opensnow.com/hosted-files/ 127 KB
128 KB 191ms
108ms Image
image/png 104.22.62.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16714083499a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.62.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4d63722cba32ac8477fc2fb6c1aee244f12e7909279473fce483885db65a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000000000006e39cecf-006565bd08-4d33653d-nyc3b
cf-polished: origSize=132818, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 130529
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "7144b711229a6fe3466039d62cce8591"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8331976fab1739fd-YYZ

GET
H2 200 1671376244c6d6bd4a06053521455476923b6d6fe8-338x658.png
lift.opensnow.com/hosted-files/ 327 KB
327 KB 191ms
109ms Image
image/png 104.22.62.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/1671376244c6d6bd4a06053521455476923b6d6fe8-338x658.png

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.62.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aeaabf264d02ce7dae505d49c9f4c8d134957c665804414a27f017402846496

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx0000000000000707477ad-00656830b0-4d303663-nyc3b
cf-polished: origSize=337308, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 334432
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "fb086090e69eb907a6ba14939472af91"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8331976fab1439fd-YYZ

GET
H2 200 16714089119a83e00ab16be8cb1008e67fdbdbfeb4.png
lift.opensnow.com/hosted-files/ 297 KB
298 KB 192ms
109ms Image
image/png 104.22.62.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16714089119a83e00ab16be8cb1008e67fdbdbfeb4.png

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.62.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbbbb63ebb16a0a04a4124202d8a3a8171beab5091e7490771a0ed9ea8529d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000000000006f5dc647-006566e2f7-4d33653d-nyc3b
cf-polished: origSize=309127, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 304334
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Dec 2022 22:08:59 GMT
server: cloudflare
etag: "c9593e720d5974a5fe457484118448a3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8331976fab1b39fd-YYZ

GET
H2 200 OpenSnowLogoMarkWhite.a8077ab.png
jweinercpas.com/_nuxt/img/ 3 KB
3 KB 65ms
58ms Image
image/png 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jweinercpas.com/_nuxt/img/OpenSnowLogoMarkWhite.a8077ab.png
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5885c19a11810454ba5fcd8b8aa48aab877177b59b9f9ee585d60edbb9a3a38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bf1-18c26def026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FABIU6T1tuaqkOIAmMWQ%2FAFbG8rGcW00YZXXFkIIYtlAbTOMddNSe%2BsGXS7M2jkN6wh5gKHBAaOUGvcpyH0Wnewusij72ZDOOM%2BuDgfFZMF884Rs%2FCMsBpDrBx7aItNSfi3CurCJUANfUwKSmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f2df94bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3057

GET
H2 200 appstore_black.276d3bd.png
jweinercpas.com/_nuxt/img/ 22 KB
22 KB 66ms
60ms Image
image/png 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jweinercpas.com/_nuxt/img/appstore_black.276d3bd.png
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ea22a13907d6b2b10444886948b9884ae0ebfaa61514ddddac28c8240eaa8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5648-18c26def026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMcvr3iG6kGeyqfL2FoZuKz83r4VnwN%2FIBj8oODY7kpHv7ILPrQCc5ULpsv7VCX68QthbFjZdMfkoZFvYtrziFnq6lca%2FzyePhpxo0Ch1Na0hpFxYMuvLpDMOeyY6ueaRqTKXUZWyO3i85X99%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f2dfa4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 22088

GET
H2 200 play_store.63889ce.png
jweinercpas.com/_nuxt/img/ 36 KB
36 KB 61ms
59ms Image
image/png 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jweinercpas.com/_nuxt/img/play_store.63889ce.png
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fe05f92cebfacc6ef600f19789f5b69f91d97f7a5ad3e5fe650871daffd001

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8efe-18c26def026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKI8D%2FhBtD6wztKF3%2FWefPbSBrNV2xMplOCGAeoCV4GRw7VG1t6hVhs9j8gqePUezHJ62BnquuDYsk9MWjPJaI2Cuvspcb5ztKW6%2F7xEL84lRsIyCIkeoCbi2NSa8a2pa5GqZ4TT1VKqTdDsb%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f2dfb4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 36606

GET
H2 200 home-background-2018.jpg
blizzard.opensnow.com/images/home-page/ 353 KB
354 KB 233ms
137ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/home-background-2018.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bf012ab5ca793d7fba90caba09df22549232f06fbc94f465e439c524e8f2b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: dc00c7977484c4ead0c0ceada068cda53007d843
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=411297
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 361313
x-served-by: cache-ewr18182-EWR
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: F366:37F9:20D433:2ABB35:65665819
x-timer: S1701206043.858958,VS0,VE32
server: cloudflare
etag: "654e7b9d-646a1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8331976fbd174bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 forecast-anywhere.jpg
blizzard.opensnow.com/images/home-page/ 223 KB
223 KB 218ms
123ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/forecast-anywhere.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de99dc904811f66430b0fe92fd3ab948324c8a2193c57af4c22a8d17298f9c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 54fbb05e10ca5b2e442001508798940caa6f173e
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=246145
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 228360
x-served-by: cache-nyc-kteb1890036-NYC
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: A8DC:6197:2285A3:2C5E30:65665819
x-timer: S1701206043.870370,VS0,VE45
server: cloudflare
etag: "654e7b9d-3c181"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8331976fbd184bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 daily-analysis.jpg
blizzard.opensnow.com/images/home-page/ 328 KB
328 KB 218ms
124ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/daily-analysis.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c81e8e5e007de22f35802bfb95296a8843c524b73e8d6f90c5970737d6e364

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 6422a593cdc3b8e0e53c334f8b59f85654ba4a7c
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=359415
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 335620
x-served-by: cache-nyc-kteb1890049-NYC
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: 0C6C:6197:2285D3:2C5E73:65665819
x-timer: S1701206043.372176,VS0,VE40
server: cloudflare
etag: "654e7b9d-57bf7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8331976fcd194bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 track-storms.jpg
blizzard.opensnow.com/images/home-page/ 380 KB
380 KB 217ms
124ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/track-storms.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79308377b6156ba4937585153d3fe3e000df29c547b5d45125c870f408f36763

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: bff255dce8e24721780c52d59ac495ecac29b4c2
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=410640
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 388855
x-served-by: cache-nyc-kteb1890028-NYC
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: F192:0ED2:212710:2B0227:65665817
x-timer: S1701206043.428551,VS0,VE26
server: cloudflare
etag: "654e7b9d-64410"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8331976fcd1a4bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 powder-chasing-tools.jpg
blizzard.opensnow.com/images/home-page/ 251 KB
252 KB 218ms
125ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/powder-chasing-tools.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c121c6af027b91be0707e2264a87b4bb49f6fffde5f754d8fe1c55288c3bae86

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: eb0648e9501c7897b634e6d929f024bed5bea1d4
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=274476
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 257081
x-served-by: cache-nyc-kteb1890036-NYC
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: D4B2:6AF9:1FAAAA:2985D7:6566581A
x-timer: S1701206044.672986,VS0,VE51
server: cloudflare
etag: "654e7b9d-4302c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8331976fcd1b4bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 trusted-by-millions.jpg
blizzard.opensnow.com/images/home-page/ 92 KB
92 KB 101ms
100ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/trusted-by-millions.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a0da6d8bbfc52263c09655649815704e199ea274f956bbda66da5a0592463d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: a9fcbc812ddfe389b7f9cf35a944d5ac881ff52c
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=109927
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 93848
x-served-by: cache-ewr18154-EWR
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: 8486:57E2:1FEB2E:29C127:65665811
x-timer: S1701206044.765456,VS0,VE19
server: cloudflare
etag: "654e7b9d-1ad67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8331976fcd1e4bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 climate-change.jpg
blizzard.opensnow.com/images/home-page/ 80 KB
81 KB 119ms
118ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/climate-change.jpg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0872831509d835f8410fe0bc8dece319409869f4016cf2444d9960d94cc07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: cf5adf5c4ce112188a2662deeb493a6e32a5d538
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: degrade=85, origSize=85027
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 82390
x-served-by: cache-nyc-kteb1890024-NYC
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: D4B2:6AF9:1FAAC2:2985F3:6566581B
x-timer: S1701206044.886172,VS0,VE18
server: cloudflare
etag: "654e7b9d-14c23"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8331976fcd1f4bc6-BUF
expires: Sun, 10 Dec 2023 01:17:32 GMT

GET
H2 200 facebook.svg
blizzard.opensnow.com/icons/fa/brands/ 512 B
806 B 122ms
76ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/facebook.svg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: bb060f5afb6d24d87b13e98088bd294becbdd011
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
content-encoding: br
expires: Sun, 10 Dec 2023 01:17:32 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-nyc-kteb1890031-NYC
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: 1C58:6527:ED9E79:13CF1B5:65750F52
x-timer: S1702170453.531430,VS0,VE14
etag: W/"654e7b9c-200"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197701bc06aed-BUF
x-cache-hits: 0

GET
H2 200 instagram.svg
blizzard.opensnow.com/icons/fa/brands/ 1 KB
772 B 128ms
82ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/instagram.svg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544f45ef277797fbfd606b6793db6826dc8bf61612aedf3dfc0f5320d2c18be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: f01577f3e6b9d2e8a02fa087fd874705a7d10b74
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
content-encoding: br
expires: Sun, 10 Dec 2023 01:17:32 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ewr18168-EWR
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: 9180:177F:DB936A:11FF599:65750F54
x-timer: S1702170453.534247,VS0,VE17
etag: W/"654e7b9c-492"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197701bc46aed-BUF
x-cache-hits: 0

GET
H2 200 x-twitter.svg
blizzard.opensnow.com/icons/fa/brands/ 404 B
453 B 129ms
84ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/x-twitter.svg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 79a8a0e07f3a01aa1a5531bfa2f6ae18d4034d10
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
content-encoding: br
expires: Sun, 10 Dec 2023 01:17:32 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-nyc-kteb1890039-NYC
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: 889C:649D:EE17F4:13D3BE6:65750F52
x-timer: S1702170453.533350,VS0,VE20
etag: W/"654e7b9c-194"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197701bc16aed-BUF
x-cache-hits: 0

GET
H2 200 youtube.svg
blizzard.opensnow.com/icons/fa/brands/ 718 B
591 B 123ms
77ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/youtube.svg

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03c1bf1b4b726d09b8d6babd5fbe3703d14bf9eaed7d0c23f9ee4d2a1dc9e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 45841d4083710e1db013b1593918dccabeee98ec
date: Sun, 10 Dec 2023 01:07:32 GMT
via: 1.1 varnish
content-encoding: br
expires: Sun, 10 Dec 2023 01:17:32 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ewr18171-EWR
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: EF6C:4D57:F00396:1343574:65750F53
x-timer: S1702170453.533671,VS0,VE13
etag: W/"654e7b9c-2ce"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197701bc26aed-BUF
x-cache-hits: 0

GET
H3 200 ClearSans-Regular-webfont.c806cea.woff
jweinercpas.com/_nuxt/fonts/ 22 KB
23 KB 95ms
91ms Font
font/woff 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/fonts/ClearSans-Regular-webfont.c806cea.woff
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad16100f60b85bc3154054e1f1a6631ddfb001f1dd3df8bd3940973b441c8f1

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5958-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IX0F32c3sQUg8GrsWslhqAoHBcNeBuvU6wpBML9AleiDXGlJQ5m7f4IwEhl%2BYcZ%2Fh2nZQvloJ2dJ89pGTd2J57aRQKC7sZEsRAY1W19bt%2FZDZZ4utfatmdUvweBaqIaK0hkRKQ9qgkIBdmc3yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f3e084bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 22872

GET
H3 200 ClearSans-Bold-webfont.0eb2724.woff
jweinercpas.com/_nuxt/fonts/ 23 KB
23 KB 136ms
132ms Font
font/woff 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/fonts/ClearSans-Bold-webfont.0eb2724.woff
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46e73a4a5fb0ea80b932d1aaff9a0d7150e713d670d6e51a354ccdf49e73fdb

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5aac-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FyRXh1o%2BN8MS3MevT6tPtA42JVfJdUE67gJ0tGYpo4UHH%2BnNcfadhR0rzcQdQ93NU4JHEitPYcPnGBaNtGXVc26hmR1CZ7bD9pXcGEUl8ApHKdwKB2s07G3gXrohAB8yubmge1JInI42dceKks%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f3e094bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 23212

GET
H3 200 ClearSans-Light-webfont.1244ed9.woff
jweinercpas.com/_nuxt/fonts/ 24 KB
25 KB 67ms
63ms Font
font/woff 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/fonts/ClearSans-Light-webfont.1244ed9.woff
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba25ccb4fb517b87d4962892d074383d41e8d6f19a590a2ebbc380587261ffd

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6160-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw%2Fn3tMUeBIncpkWtLb%2Fgwo87gdkBjXVRotp426c8hjTzB4hfaaWHJxTJMoHyYoU%2BPDY7K7qzDuAsQdLkHDF2KBmuZA2QoV7Q2mCwx2PPFJR8GtJSpnABXUlH6Ea2jNLSxyPK9yKz5Lf6gt%2BUTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f3e0a4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 24928

GET
H3 200 ClearSans-Medium-webfont.72ee158.woff
jweinercpas.com/_nuxt/fonts/ 25 KB
25 KB 150ms
146ms Font
font/woff 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/fonts/ClearSans-Medium-webfont.72ee158.woff
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be05b718089dda8278a8627a2a2b5ee63f84f8f59202e9cfa52d2e171dc9602c

Request headers

Referer: https://jweinercpas.com/
Origin: https://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6238-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAAn1181h3g6B0%2FYUlb32funkgpyohDROPwKvMoO3cn4XCAtNMobK8jDzPPWmLM0FU5FExg%2BiiUD3MTvFKTCzaUVENQubPhIDfgVeD7pI3heAz3PFbfsZ2SOGNG7dJe736rbz2MOdGs7H9I2N%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8331976f3e0b4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 25144

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 99ms
38ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/0c5590b.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ab7fffd9e45801d33ea9fa8f92342bd8934fd9b98d7b896c248fba75ef7191f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:07:32 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 200ms
31ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/2d5f4e5.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 c3061eb.modern.js Show response
jweinercpas.com/_nuxt/ 139 KB
41 KB 61ms
60ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/c3061eb.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2592720dee70d19701db6fc0999a468f2ec7b0a04159993d0dcdbd4bae65a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"22db1-18c26def052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPbIfnSSbarOoakX9pSezoXbBHsZVk5IIdCDIxP6AUSU6oYeTYm%2Bjf2g45IaDIZzQrd1bMn8gR8Ki6C7FqkY6ZxqJiaBsFkP8SsMsi2iSwidMv8m6oj1G9dJT7jnohAdXSt5iV4O1eqTg2jSJnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 833197728ef34bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 52ms
50ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c7fc0ba60f1cdd95e4510e644c2e0ee99d2ae4246ca1d0bf06cb27568455f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:07:33 GMT

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 39ms
38ms Script
text/html 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-GW6B21GDJ7&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
24ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:49:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 01:49:04 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

1 KB
1 KB

34ms
33ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

47ad7c669af8a0a1097dff22761d6b61bb76412be9c40e6fd62a28dc2123be60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 790
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 94db150.modern.js Show response
jweinercpas.com/_nuxt/ 26 KB
9 KB 52ms
52ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/94db150.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526f2d8bfa0b9c2c3cefdcbf04b3ea9c3a7e9ecaa9f5883c0a4445e0108c635e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"67cf-18c26def02a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNyQ4jXRzQNZE%2FAJEYn%2F8mYGIeck0iOqtnVphkx87Y2k86meJY30YL82zkLejx8KYyVvTHEySmSmryiofXTS3fsPqSp4yzbhWVHHmxBqfcq8VJ26sE5T7cRkADoObQ4KeTLx232h8EW0DXXKlGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 83319773ff4a4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 11fefe9.modern.js Show response
jweinercpas.com/_nuxt/ 34 KB
9 KB 50ms
50ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/11fefe9.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8968245401605aa73e6fdfbfaba12f8a6148e51f2316f9a94431fb326cb6d2c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"895e-18c26def046"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxG3AmgH2GvvBtNt9X94LnT%2FJiwhuKEuN%2F9OflR3Y6K5Fon35tsRgBMIEiF5v4dxGnLy1uoPdFnuaslvOLHcdbIoYCOOpQq7hvZm3s4sThpzlTtRTK7XVaN%2FUqmBbKBb1kziCAlY5G2KBVic%2BKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 83319773ff4b4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 47c8d0c.modern.js Show response
jweinercpas.com/_nuxt/ 33 KB
10 KB 53ms
53ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/47c8d0c.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d73313356fb474f170c5fa28a221202137522806c6d1d1fb5b522c8037608f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"834c-18c26def046"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUlSVmaVAx9pkyD3Gg%2Fy9ijVGPQgg5V%2BNqtOpsxbHlQUmERc%2F%2Bir70gaZVQi3Ug3oSlTetor1%2FNDpI2CtS7fQCWcxvHKb1fC2jnftNyd8shQNTTv%2BQqgF39DJdEpZn8UWINAEet7YWE8NA7dyX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 83319773ff4c4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 ad410e4.modern.js Show response
jweinercpas.com/_nuxt/ 28 KB
8 KB 55ms
55ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/ad410e4.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e9a448efae3d151d8e5322e52f2bcdcc42032849447389a25605b82bf2fbd5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"709c-18c26def046"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7k7ptdy20bRXl8VA15xc9EDo0G7O9msewqbEdeTuefZs%2BIY5UH4zR%2FhKzLwW4AHw%2Bw%2FynXuYf1MRKvpzzsOYvcTL%2BuuOTVM3W27k%2Fety9Wl0QXAx3AraY85H1kwD0SF3a5fJWiskpFiaXzr%2Bjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 83319773ff4d4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 09a1eff.modern.js Show response
jweinercpas.com/_nuxt/ 37 KB
11 KB 53ms
52ms Script
application/javascript 2606:4700:3032::6815:30db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jweinercpas.com/_nuxt/09a1eff.modern.js
Requested by: Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:30db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41adf3bf5eeafa510fb30f0a6e2ada66e8f00a743cc44970563a33d03d99728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 19:33:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9546-18c26def046"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYrjYFE7AS1rnFHXxGoIoc8%2FF2jGhyRPAhnjAdYPqsC%2F3MDU22DWXIrOd6jqqjbvQF99dd2myvrhChJsL3U2Wl%2BCad0EoLsfFeuI6o0LkAUfPRGDeK%2BX4hfW%2FAXkSomNlp3XW5FU%2BZj798ilNqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 833197741f544bcd-BUF
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 94ms
37ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z6F2F1ZKRY&gtm=45je3bt0v881476004&_p=1702170452774&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=898558583.1702170453&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702170453&sct=1&seg=0&dl=https%3A%2F%2Fjweinercpas.com%2F&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1224
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 107ms
41ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z6F2F1ZKRY&cid=898558583.1702170453&gtm=45je3bt0v881476004&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 00:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Dec 2023 01:34:30 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 39ms
38ms Script
application/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KRNGQMN&t=gtag_UA_26524288_1&cid=898558583.1702170453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c460a744e20d6bd4e1cd6b6c00c53915cbdeaf890f4685801695345190bbbb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50746
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 01:07:33 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 723B 892 B
980 B 35ms
34ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1746399995&cpref=&loc=https%3a%2f%2fjweinercpas.com%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

88d4f4dc05591eea703f919f96b9d2ac572952ca4f873a1d67fdd3047cb76435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jweinercpas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 01:07:33 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 5E6F 4 KB
2 KB 177ms
36ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=158601943963&ADFtpmode=2&loc=https%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

499ba09a3b2f4ac85b613f8f8e68f9a34126c3856782c4e358dd41cffdb8ad22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jweinercpas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:07:33 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 267ms
33ms Image
image/gif 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=6859813466597183067&stamp=DQSnS1bT7eEDvP-67D9Y4w2

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2

200

cksync
hb.yahoo.net/ Frame 723B
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=s0gqw47&ct=0:md2k8zv&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dff094ad5-1b6e-4eef-a7a6-6ea4e8e14307
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4484452793607810155&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZmYwOTRhZDUtMWI2ZS00ZWVmLWE3YTYtNmVhNGU4ZTE0MzA3&gdpr=0&gdpr_consent=&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&google_gid=CAESEPtKI2irxf4D5ngvXHs8FIY&google_cver=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nWW8uWTg1RTJ1RUo5NG5VSGc3SGZORF9MY1EzWU5sMH5B&gdpr=0&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&dpid=55953

53 B
658 B

177ms
77ms

Image
image/gif

23.204.152.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nWW8uWTg1RTJ1RUo5NG5VSGc3SGZORF9MY1EzWU5sMH5B&gdpr=0&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&dpid=55953

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1746399995&cpref=&loc=https%3a%2f%2fjweinercpas.com%2f

Protocol

Server

23.204.152.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-204-152-18.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 10 Dec 2023 01:07:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sun, 10 Dec 2023 01:07:34 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1nWW8uWTg1RTJ1RUo5NG5VSGc3SGZORF9MY1EzWU5sMH5B&gdpr=0&ovsid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307&dpid=55953
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 41ms
40ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1116393677&t=event&_s=1&dl=https%3A%2F%2Fjweinercpas.com%2F&ul=en-us&de=UTF-8&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=status_dimension&_u=6CDAAUIjQAAAACAAI~&jid=821198533&gjid=413487042&cid=898558583.1702170453&tid=UA-26524288-1&_gid=1655403199.1702170453&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&cd2=n&jsscut=1&z=22119922

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/c3061eb.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
29ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1116393677&t=pageview&_s=2&dl=https%3A%2F%2Fjweinercpas.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=index&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAAUIjQAAAACgCI~&jid=&gjid=&cid=898558583.1702170453&tid=UA-26524288-1&_gid=1655403199.1702170453&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=2105767711

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:45:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4900
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 42ms
37ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26524288-1&cid=898558583.1702170453&jid=821198533&gjid=413487042&_gid=1655403199.1702170453&_u=6CDAAUIiQAAAACAAI~&z=1406506230

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/_nuxt/c3061eb.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Dec 2023 01:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5E6F 0
384 B 46ms
45ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 5E6F
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053

43 B
422 B

42ms
41ms

Image
image/gif

44.205.111.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 44.205.111.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-111-229.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 01:07:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6859813466597183067&Expiration=1703380053
access-control-allow-origin: *
date: Sun, 10 Dec 2023 01:07:33 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 5E6F 0
400 B 507ms
195ms Image
text/plain 23.215.41.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.41.148 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-148.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:34 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 09 Dec 2023 01:07:34 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5E6F 0
661 B 147ms
30ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 5E6F 0
38 B 431ms
113ms Image
text/plain 35.156.237.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6859813466597183067&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.237.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-237-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5E6F
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6859813466597183067&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=4043832771957662571

35 B
600 B

32ms
32ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=4043832771957662571

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=4043832771957662571
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 5E6F 43 B
638 B 172ms
34ms Image
image/gif 63.251.28.134
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.134 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1702170453756051-1200

GET
H2

200

match
ad.360yield.com/ Frame 5E6F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6859813466597183067
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6859813466597183067
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=4ce94e8b-2a83-4b17-a9ad-580a0b63b7cd&gdpr=&gdpr_consent=

43 B
505 B

43ms
42ms

Image
image/gif

44.205.111.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=4ce94e8b-2a83-4b17-a9ad-580a0b63b7cd&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 44.205.111.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-111-229.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 01:07:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: //ad.360yield.com/match?publisher_dsp_id=191&external_user_id=4ce94e8b-2a83-4b17-a9ad-580a0b63b7cd&gdpr=&gdpr_consent=
Date: Sun, 10 Dec 2023 01:07:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5E6F
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053&C=1

43 B
342 B

53ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7kOVOscVg1%2B79W%2BK6HhO2a0494G4v16TrnBZ4%2B9vZVmkKsNdR6gVdNl%2BUQDMSBo8KOkH5jnXojEEVg9GrGB3DLsJ3slU9Pqb2AfTz7D%2BMTTvsvkTP1wWvULCxEPwQhgowgGLxXgf%2FHnUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83319777cc84a1ed-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI9EhPwCZPFe%2B%2F1ZFgN9YQJmV8txc3IHy4s3rCq2Y8N4D1j955nr5W5%2FkiEYwv%2BlR4aGJ74gbkopbzeZYT0j2ZP7eIN3zM8xsK7l93JE5DSTHn%2FmXBLza9EyyQhqcbGelbOPLFfR%2BYmIIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=6859813466597183067&expiration=1703380053&C=1
cache-control: no-cache
cf-ray: 833197777c1aa1ed-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 5E6F
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external

42 B
604 B

34ms
34ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:33 GMT
Frontend-ID: 13
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:33 GMT
Frontend-ID: 10
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=6859813466597183067&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 5E6F
Redirect Chain

https://ps.eyeota.net/match?uid=6859813466597183067&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=6859813466597183067&bid=9gdtmu1

70 B
440 B

43ms
43ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=6859813466597183067&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 10 Dec 2023 01:07:33 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=6859813466597183067&bid=9gdtmu1
Date: Sun, 10 Dec 2023 01:07:33 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 5E6F
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6859813466597183067
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6859813466597183067&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
385 B

117ms
27ms

Image
image/gif

2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 10 Dec 2023 01:07:34 GMT
x-age-lb: 312759
x-77-cache: HIT
x-accel-date: 1701857695
content-length: 43
x-77-nzt: EQwBnJIkFgH3t8UEAA
x-accel-expires: @1702894495
x-77-age: 312759
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 1e192d082b759ad5560f7565d564c806
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Sun, 10 Dec 2023 01:07:33 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 5E6F
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=6859813466597183067
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjg1OTgxMzQ2NjU5NzE4MzA2NxAAGg0I1Z7UqwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753&expected_cookie=8bb32ceb-d3b5-47fd-ad3e-7470766336c4

0
142 B

53ms
53ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753&expected_cookie=8bb32ceb-d3b5-47fd-ad3e-7470766336c4
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5A44B1C1AE67446AADA4CA046DA3EE1F Ref B: NYCEDGE1309 Ref C: 2023-12-10T01:07:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMHXFHN/CurmYElBDu1g==

Redirect headers

date: Sun, 10 Dec 2023 01:07:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 38D88470E0E24E58B5E3A5DF6D9B0136 Ref B: NYCEDGE1309 Ref C: 2023-12-10T01:07:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=fd9856b2fa1c34fc405b43db6651d7597882466f411f9f43220f23d4962bc6f5791426b5417dce21&rand=05540753&expected_cookie=8bb32ceb-d3b5-47fd-ad3e-7470766336c4
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMHXFGUfBSHNK+R6Famw==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/ Frame 5E6F
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent=

49 B
545 B

50ms
50ms

Image
image/gif

34.230.211.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 34.230.211.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-211-254.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.72
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6859813466597183067/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.4.249
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 5E6F 62 B
431 B 293ms
149ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 10 Dec 2023 01:07:34 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5E6F
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6859813466597183067
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6859813466597183067

43 B
171 B

46ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6859813466597183067
date: Sun, 10 Dec 2023 01:07:33 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 5E6F
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

335ms
115ms

Image
image/gif

52.92.18.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Server: 52.92.18.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:35 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: YNQS08SCBZ9AXYDC
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: cZvl4Rk/4xjdikZ1APL2dAPzsqOL8tyUtwv/cUzxHAcquOFMkW4ze2PCnVvfsRihw8ye5UPiMck=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 10 Dec 2023 01:07:33 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5E6F 0
338 B 132ms
42ms Image
text/plain 34.196.200.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.200.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-200-49.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by: beacon-n015-ash-prod.krxd.net
date: Sun, 10 Dec 2023 01:07:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1702170453
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 5E6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Njg1OTgxMzQ2NjU5NzE4MzA2Nw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Njg1OTgxMzQ2NjU5NzE4MzA2Nw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKa7aJjGd4vpAez0VeRKVPs&google_cver=1&google_ula=1641347,0

35 B
591 B

33ms
33ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKa7aJjGd4vpAez0VeRKVPs&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKa7aJjGd4vpAez0VeRKVPs&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5E6F 0
384 B 35ms
35ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 5E6F
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=4484452793607810155&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6859813466597183067

43 B
830 B

33ms
33ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6859813466597183067

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
an-x-request-uuid: a889e498-5111-4e81-90fc-90ef2bbc7825
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=6859813466597183067
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 5E6F 42 B
473 B 105ms
29ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 09 Dec 2023 15:29:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 5E6F 43 B
444 B 160ms
32ms Image
image/gif 13.224.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-63.phl50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 06:07:22 GMT
Via: 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: PHL50-C1
Age: 68412
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: m6n1qt-ONG9VF6Ph__IYRK8tmCmQCHYdYZddNjjwkS5X_AYTqObHPw==

GET
H/1.1

200

p
a.audrte.com/ Frame 5E6F
Redirect Chain

https://a.audrte.com/a?adform_uid=6859813466597183067
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGw2MmdidXhTU2FTUm1mMjJJTmhSZU8zdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

106ms
106ms

Image
image/png

34.251.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Server: 34.251.97.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-97-118.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:34 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 10 Dec 2023 01:07:34 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5E6F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6859813466597183067&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6859813466597183067&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=14109943346109674224416279917144768776&noredirect=1

35 B
591 B

33ms
33ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=14109943346109674224416279917144768776&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-va6-1-v053-0153aa08c.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: phbpH6+nRQc=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=14109943346109674224416279917144768776&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5E6F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6859813466597183067
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212690604726000647614

35 B
591 B

32ms
32ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212690604726000647614

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PHL50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212690604726000647614
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: SVPqVoIjKuX3L10XHZknMXqbTmaijSYXqNSG4i8LRECLQGkX_qnhHA==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5E6F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766432153958549

35 B
600 B

34ms
32ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766432153958549

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766432153958549
Date: Sun, 10 Dec 2023 01:07:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 5E6F 62 B
359 B 153ms
152ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 10 Dec 2023 01:07:34 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5E6F
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=jaxpJmvf1Rc8ia5

35 B
600 B

33ms
33ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=jaxpJmvf1Rc8ia5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f0dfade8743333e3@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=jaxpJmvf1Rc8ia5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5E6F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307

35 B
591 B

37ms
34ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307
date: Sun, 10 Dec 2023 01:07:34 GMT
server: Kestrel
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame 5E6F
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6859813466597183067
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6859813466597183067

0
421 B

374ms
88ms

Image
image/png

64.58.232.177
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: HTTP/1.1
Server: 64.58.232.177 , Canada, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:34 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: no-cache
X-Server: LAS14
Content-Length: 0
Expires: -1

Redirect headers

Date: Sun, 10 Dec 2023 01:07:34 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=6859813466597183067
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS16
Content-Length: 204

GET
H2

200

3.gif
id5-sync.com/c/10/2/0/ Frame 5E6F
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6859813466597183067
https://id5-sync.com/c/10/10/2/1.gif?puid=6859813466597183067&gdpr=0&gdpr_consent=&us_privacy=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b907a52EJ3cfuAdHRt93pBayVfQJN3UkOs0yuz7MFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=f142ff9f-8a71-4277-9c5e-dc9b6cdb9899&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/0/3.gif?puid=4484452793607810155&gdpr=0&gdpr_consent=

43 B
1 KB

117ms
117ms

Image
image/gif

162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/2/0/3.gif?puid=4484452793607810155&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
an-x-request-uuid: 7b319621-4798-41af-a85f-2d9103771cd0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://id5-sync.com/c/10/2/0/3.gif?puid=4484452793607810155&gdpr=0&gdpr_consent=
x-proxy-origin: 96.9.249.35; 96.9.249.35; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 5E6F
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=603661127
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=J2Bi3bN1QfffnvJJp993ZO

35 B
591 B

34ms
34ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=J2Bi3bN1QfffnvJJp993ZO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
via: 1.1 google
last-modified: Sun, 10 Dec 2023 01:07:34 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=J2Bi3bN1QfffnvJJp993ZO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5E6F 23 B
278 B 155ms
38ms Image
image/gif 23.51.53.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.53.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-53-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 10 Dec 2023 01:07:34 GMT
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5E6F
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6859813466597183067
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

67ms
66ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4NYPMFT4X16CNS5ME17M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EY1KC24CGMCH2CDYFHWD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=dff1a9d73f&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 6859813466597183067
match.contentexchange.me/adform/ Frame 5E6F 0
49 B 404ms
129ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6859813466597183067?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:34 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 5E6F 43 B
109 B 196ms
78ms Image
image/gif 52.205.93.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.93.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-93-66.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:34 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 5E6F
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6859813466597183067&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6859813466597183067&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

49ms
48ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6859813466597183067&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 10 Dec 2023 01:07:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6859813466597183067&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 10 Dec 2023 01:07:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame 5E6F 43 B
120 B 173ms
38ms Image
image/gif 3.210.56.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=6859813466597183067
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-56-21.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:33 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame 5E6F 0
384 B 34ms
32ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6859813466597183067&agencyId=6276&advertiserId=2170899&src=tp&rnd=929595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 99ms
41ms Image
image/gif 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26524288-1&cid=898558583.1702170453&jid=821198533&_u=6CDAAUIiQAAAACAAI~&z=102185627

Requested by

Host: jweinercpas.com
URL: https://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 41ms
40ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z6F2F1ZKRY&gtm=45je3bt0v881476004&_p=1702170452774&gcd=11l1l1l1l1&dma=0&cid=898558583.1702170453&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&sid=1702170453&sct=1&seg=0&dl=https%3A%2F%2Fjweinercpas.com%2F&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&_s=2&tfd=6583
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jweinercpas.com/	1970-01-21 02:25:30	Name: _ga Value: GA1.2.898558583.1702170453
.jweinercpas.com/	1970-01-20 16:50:56	Name: _gid Value: GA1.2.1655403199.1702170453
.adform.net/	1970-01-20 17:34:08	Name: C Value: 1
.adform.net/	1970-01-20 18:15:54	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 18:15:54	Name: uid Value: 6859813466597183067
.adform.net/	1970-01-20 16:50:56	Name: CM Value: 1\|1
.jweinercpas.com/	1970-01-20 16:49:30	Name: _gat_gtag_UA_26524288_1 Value: 1
.jweinercpas.com/	1970-01-21 02:25:30	Name: _ga_Z6F2F1ZKRY Value: GS1.1.1702170453.1.1.1702170453.60.0.0
.adform.net/	1970-01-20 17:09:40	Name: CM14 Value: 1702256853_1702170453_1_Hu7u4e4e4R7u4e4REREeEREREQ
.adsrvr.org/	1970-01-21 01:36:32	Name: TDID Value: ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307
.seadform.net/	1970-01-20 18:15:54	Name: uid Value: 6859813466597183067
.casalemedia.com/	1970-01-21 01:35:06	Name: CMID Value: ZXUPVYPabxO3d-btwtQrfgAA
.casalemedia.com/	1970-01-20 18:59:06	Name: CMPS Value: 151
.casalemedia.com/	1970-01-20 18:59:06	Name: CMPRO Value: 151
.smartadserver.com/	1970-01-21 02:19:44	Name: pid Value: 4043832771957662571
.smartadserver.com/	1970-01-21 02:19:44	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:36:32	Name: csync Value: 22:6859813466597183067
.360yield.com/	1970-01-20 18:59:06	Name: tuuid Value: f142ff9f-8a71-4277-9c5e-dc9b6cdb9899
.360yield.com/	1970-01-20 18:59:06	Name: tuuid_lu Value: 1702170453
.bidswitch.net/	1970-01-21 01:35:06	Name: tuuid Value: 4ce94e8b-2a83-4b17-a9ad-580a0b63b7cd
.bidswitch.net/	1970-01-21 01:35:06	Name: c Value: 1702170453
.bidswitch.net/	1970-01-21 01:35:06	Name: tuuid_lu Value: 1702170453
.semasio.net/	1970-01-21 01:35:06	Name: SEUNCY Value: D9E00216D8DFEDD0
.rubiconproject.com/	1970-01-21 01:35:06	Name: khaos Value: LPYSC7WM-1X-9ND
.rubiconproject.com/	1970-01-21 01:35:06	Name: audit Value: 1\|bnKf459A4A02Cp8bTRvq/Jf2/f0f7n3/r7/IydcgqNZ+xL8LlrcUaPqXCwH8dITuhrNUg9IJUVeM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtYzydOrhYXVpFMWyJgJYjJJE4Qm5tF/1YktF8s1dxKKJHDNo7CVXi2J2BxkTD4SS1bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.ads.stickyadstv.com/	1970-01-20 18:15:54	Name: uid-bp-617 Value: 6859813466597183067
.ads.stickyadstv.com/	1970-01-20 17:32:42	Name: UID Value: 229e8bd4c7ec29113fd12b6c239cd
.eyeota.net/	1970-01-21 01:36:32	Name: mako_uid Value: 18c5143e743-96b0000010a416f
.eyeota.net/	1970-01-20 16:49:31	Name: SERVERID Value: 16751~DM
.adnxs.com/	1970-01-20 18:59:06	Name: uuid2 Value: 4484452793607810155
.exelator.com/	1970-01-20 19:42:18	Name: EE Value: "061c9e6ccc01080d11471459e8ab4a59"
.openx.net/	1970-01-21 01:35:06	Name: i Value: be9e765a-d011-47ad-8544-0b0a3e13b8e7\|1702170453
.krxd.net/	1970-01-20 21:08:42	Name: _kuid_ Value: P9yuDD8b
.exelator.com/	1970-01-20 19:42:18	Name: ud Value: "eJxrXxzq6XKLQcHAzDDZMtUsOTnZwNDAwiDF0NDE3NDE1DLVIjHJJNHUcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FTWAQAfpsp1g%253D%253D"
.crwdcntrl.net/	1970-01-20 23:18:18	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:18:18	Name: _cc_id Value: 86fa3493eb4394a1188176125f484ec3
.doubleclick.net/	1970-01-21 02:25:30	Name: IDE Value: AHWqTUkLiG0-YjIxjB30d1bpBrfnQnCpnCxZwy2sec3J0fwKs7Fidsq7fSkoWbkkI9U
.rlcdn.com/	1970-01-21 01:35:06	Name: rlas3 Value: cW5bTOz3u7rHu83WYAptqpyxNNs+rp6fn2Pll1AUYjs=
.rlcdn.com/	1970-01-20 18:15:54	Name: pxrc Value: CNae1KsGEgUI6AcQABIFCOhHEAA=
.bluekai.com/	1970-01-20 21:13:01	Name: bku Value: /Ux99aDw5VU91OAZ
.adnxs.com/	1970-01-20 18:59:06	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GTxrz%Is!]tbPl1M66+q([OUezr6[QT@F_(.r>[QV2!OxC5xaaTYzA(z^!3If)y3KL9D3I?+PVPvoi
.pubmatic.com/	1970-01-20 17:32:42	Name: KRTBCOOKIE_391 Value: 22924-6859813466597183067&KRTB&23263-6859813466597183067&KRTB&23481-6859813466597183067
.pubmatic.com/	1970-01-20 17:32:42	Name: PugT Value: 1702135758
.adsrvr.org/	1970-01-21 01:36:32	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOCXssXNybw8EAUSFwoIYXBwbmV4dXMSCwigjr3Jzcm8PBAFEhUKBmdvb2dsZRILCIyx6eHtm7o8EAUYASABKAIyCwjg-eP348m8PBAFOAFaBzcxZWk5cnJgAg..
.pippio.com/	1970-01-21 01:35:06	Name: did Value: 6vfqumtCIi4aOtqn
.pippio.com/	1970-01-21 01:35:06	Name: didts Value: 1702170454
.pippio.com/	1970-01-20 18:15:54	Name: nnls Value:
.pippio.com/	1970-01-20 18:15:54	Name: pxrc Value: CNae1KsGEgYIgr0rEAA=
.agkn.com/	1970-01-21 01:35:06	Name: ab Value: 0001%3ABDJNHeIK2qnJRYL9MwlEhB9cliz5aqdO
.demdex.net/	1970-01-20 21:08:42	Name: demdex Value: 14109943346109674224416279917144768776
.dpm.demdex.net/	1970-01-20 21:08:42	Name: dpm Value: 14109943346109674224416279917144768776
.yahoo.com/	1970-01-21 01:35:28	Name: A3 Value: d=AQABBFYPdWUCEAqUCkCXCei2YUyIE0quL0QFEgEBAQFgdmV-ZdxH0iMA_eMAAA&S=AQAAAngLvX2GnGIVkgTveTAcXqM
.linkedin.com/	1970-01-20 18:59:06	Name: li_sugr Value: 8bb32ceb-d3b5-47fd-ad3e-7470766336c4
.linkedin.com/	1970-01-21 01:35:06	Name: bcookie Value: "v=2&4e473fa3-e671-4924-85b1-dc2251ef2be8"
.linkedin.com/	1970-01-20 16:50:56	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2735:u=1:x=1:i=1702170454:t=1702256854:v=2:sig=AQHZtwEXR1YyBUZeqBMOKAXVOm-soT51"
.w55c.net/	1970-01-21 02:21:11	Name: wfivefivec Value: jaxpJmvf1Rc8ia5
.w55c.net/	1970-01-20 17:32:42	Name: matchadform Value: 5
.analytics.yahoo.com/	1970-01-21 01:35:06	Name: IDSYNC Value: "1769~2fip:19e0~2fip"
.weborama.fr/	1970-01-21 02:15:25	Name: AFFICHE_W Value: LgvSMKuTkiYu35
.teads.tv/	1970-01-21 01:33:40	Name: tt_viewer Value: 3d48327b-15f4-4133-aa76-43c2acc265ff
.adfarm1.adition.com/	1970-01-20 18:59:06	Name: UserID1 Value: 7310766432153958549
.smaato.net/	1970-01-20 17:19:44	Name: SCM Value: dff1a9d73f
.smaato.net/	1970-01-20 17:19:44	Name: SCMaps Value: dff1a9d73f
.smaato.net/	1970-01-20 17:19:44	Name: SCM1001213 Value: dff1a9d73f
.audrte.com/	1970-01-20 17:11:06	Name: arcki2 Value: 0l62gbuxSSaSRmf22INhReO3w!20220908!1702170454434!ip#96.9.249.35
.audrte.com/	1970-01-20 17:11:06	Name: arcki2_adform Value: 6859813466597183067!20220908!1702170454434
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 43idsvtdmbhvn0dxqmgndymw
.3lift.com/	1970-01-20 18:59:06	Name: tluid Value: 390209385673174772884
.hb.yahoo.net/	1970-01-20 21:08:42	Name: visitor-id Value: 3451720546633946000V10
.hb.yahoo.net/	1970-01-20 17:09:40	Name: data-ttd Value: ff094ad5-1b6e-4eef-a7a6-6ea4e8e14307~~63
.audrte.com/	1970-01-20 17:11:06	Name: arcki2_ddp2 Value: 0l62gbuxSSaSRmf22INhReO3w!20220908!1702170454591
.amazon-adsystem.com/	1970-01-20 21:43:16	Name: ad-id Value: A3jQiQSJgktCn1YAXfPQ9f8
.amazon-adsystem.com/	1970-01-21 02:25:30	Name: ad-privacy Value: 0
.id5-sync.com/	1970-01-20 18:59:06	Name: id5 Value: ac7ae3db-74e9-7055-99a0-a7695d62d097#1702170454512#2
.360yield.com/	1970-01-20 18:59:06	Name: um Value: !42,e.n-4eoT3CKQgHolWR150vtzGrL94jsJ2lcEGRbdJuOo,1703380053!79,DKN7zlhR24.9KiAqXzXmrWfQdYIeIEOf1.nQn-41OPrEZY-LTb1bzOwPWVTouVgIqwOr.hsyJevcNB5-,1709946454!191,TRRuGOeroHHPKvkLpUBz0G80ovDRZNht8g9tpH-noXRdFCSGZAe5qXoyLzKKN4F1Riw,1709946453
.360yield.com/	1970-01-20 18:59:06	Name: umeh Value: !42,0,1764378453,-1!79,0,1764378454,-1!191,0,1764378453,-1
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ltd4wrbyptrduggajx42hh5z
.id5-sync.com/	1970-01-20 18:59:06	Name: 3pi Value: 2#1702170454943#-1119231301#4484452793607810155\|10#1702170454627#-1116932968#6859813466597183067\|124#1702170454785#1560952361

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-GW6B21GDJ7&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
analytics.google.com
api.adrtx.net
beacon.krxd.net
blizzard.opensnow.com
bpi.rtactivate.com
c1.adform.net
cm.g.doubleclick.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
hb.yahoo.net
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jweinercpas.com
lift.opensnow.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pippio.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
104.18.36.155
104.22.62.110
107.178.254.65
13.224.214.59
13.224.214.63
142.250.65.162
15.197.193.217
162.19.138.119
172.67.36.70
185.167.164.45
185.167.164.49
2001:4860:4802:32::178
216.22.16.40
23.204.152.18
23.215.41.148
23.47.69.85
23.51.53.155
2600:9000:25c8:da00:1b:5138:8a40:93a1
2606:4700:3032::6815:30db
2607:f8b0:4004:c06::9b
2607:f8b0:4006:806::2004
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81c::200e
2620:1ec:21::14
2a02:6ea0:c400::11
3.210.56.21
34.192.38.112
34.196.200.49
34.200.65.202
34.230.211.254
34.251.97.118
34.98.64.218
35.156.237.51
35.190.24.218
35.211.178.172
35.244.154.8
44.205.111.229
46.19.11.36
50.16.174.192
50.16.197.56
50.57.31.206
52.205.93.66
52.223.22.214
52.46.155.104
52.92.18.160
54.157.11.141
63.251.28.134
64.58.232.176
64.58.232.177
68.67.160.26
69.173.151.100
8.28.7.83
85.114.159.93
99.81.243.254
01e11547653298afecff82a44a6a4e43c66a8d0ff42c95f4dfdb8506c593f360
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0a1e289c88271062a8795449bbd1271584a33681928e6880f17274212bc92b27
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0fbbbb63ebb16a0a04a4124202d8a3a8171beab5091e7490771a0ed9ea8529d0
11ca0ce3e768c90fe2293f173d7b9194fb3c341c2054f4a14a211e0aec7a99dc
18fabf6388c12071b501c47d4fb577d69ebd92e4d2a366b597169326c568b4f9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad16100f60b85bc3154054e1f1a6631ddfb001f1dd3df8bd3940973b441c8f1
2ba25ccb4fb517b87d4962892d074383d41e8d6f19a590a2ebbc380587261ffd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ab7fffd9e45801d33ea9fa8f92342bd8934fd9b98d7b896c248fba75ef7191f
3aeaabf264d02ce7dae505d49c9f4c8d134957c665804414a27f017402846496
3bf012ab5ca793d7fba90caba09df22549232f06fbc94f465e439c524e8f2b6a
3c7fc0ba60f1cdd95e4510e644c2e0ee99d2ae4246ca1d0bf06cb27568455f61
403e2888f51e94d47e2036cecf5c185aa50e749f793860f6f1f9ec795babbca1
47ad7c669af8a0a1097dff22761d6b61bb76412be9c40e6fd62a28dc2123be60
499ba09a3b2f4ac85b613f8f8e68f9a34126c3856782c4e358dd41cffdb8ad22
4a4d63722cba32ac8477fc2fb6c1aee244f12e7909279473fce483885db65a4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d73313356fb474f170c5fa28a221202137522806c6d1d1fb5b522c8037608f6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e9a448efae3d151d8e5322e52f2bcdcc42032849447389a25605b82bf2fbd5
526f2d8bfa0b9c2c3cefdcbf04b3ea9c3a7e9ecaa9f5883c0a4445e0108c635e
52c81e8e5e007de22f35802bfb95296a8843c524b73e8d6f90c5970737d6e364
544f45ef277797fbfd606b6793db6826dc8bf61612aedf3dfc0f5320d2c18be4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f0e091355582c24408b588172b53b25fe4313597dd1b3ed12bdd912ecdd752
57a0da6d8bbfc52263c09655649815704e199ea274f956bbda66da5a0592463d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
65edc71d51741e0f98b68e5b2bcc4bd9b128e0c45b9a9261b8080246073700fb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
78ea22a13907d6b2b10444886948b9884ae0ebfaa61514ddddac28c8240eaa8a
79308377b6156ba4937585153d3fe3e000df29c547b5d45125c870f408f36763
7e0872831509d835f8410fe0bc8dece319409869f4016cf2444d9960d94cc07e
7e2592720dee70d19701db6fc0999a468f2ec7b0a04159993d0dcdbd4bae65a8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848f214321332e0760959f6238b9ae525b43efbbb86cd6b2ea8651a91314a0ee
88d4f4dc05591eea703f919f96b9d2ac572952ca4f873a1d67fdd3047cb76435
8968245401605aa73e6fdfbfaba12f8a6148e51f2316f9a94431fb326cb6d2c9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c51d4cce1b3d937dd07e5f0069956444009219cbcb84ce64c4e3f424129b37f
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5315d79b321941d03af635d0245c1611641b3d340b4c209d2ee285656b59331
a5885c19a11810454ba5fcd8b8aa48aab877177b59b9f9ee585d60edbb9a3a38
a5aeb8c8c0267952aab0edcdbcaca676f1e7fea4dc7494f61eed3187a3bd0cf0
ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be05b718089dda8278a8627a2a2b5ee63f84f8f59202e9cfa52d2e171dc9602c
c121c6af027b91be0707e2264a87b4bb49f6fffde5f754d8fe1c55288c3bae86
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c460a744e20d6bd4e1cd6b6c00c53915cbdeaf890f4685801695345190bbbb1b
c6fe05f92cebfacc6ef600f19789f5b69f91d97f7a5ad3e5fe650871daffd001
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d41adf3bf5eeafa510fb30f0a6e2ada66e8f00a743cc44970563a33d03d99728
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de99dc904811f66430b0fe92fd3ab948324c8a2193c57af4c22a8d17298f9c6e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1fc549c6d8e6989bf6f99b7f6d8c37ec37a308d56443916e32acac5b700d0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c1bf1b4b726d09b8d6babd5fbe3703d14bf9eaed7d0c23f9ee4d2a1dc9e84
f46e73a4a5fb0ea80b932d1aaff9a0d7150e713d670d6e51a354ccdf49e73fdb

jweinercpas.com Open in urlscan Pro 2606:4700:3032::6815:30db Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

73 %HTTPS

17 %IPv6

50 Domains

61 Subdomains

39 IPs

7 Countries

4344 kBTransfer

6972 kBSize

78 Cookies

40 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jweinercpas.com Open in urlscan Pro
2606:4700:3032::6815:30db Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

73 %
HTTPS

17 %
IPv6

50
Domains

61
Subdomains

39
IPs

7
Countries

4344 kB
Transfer

6972 kB
Size

78
Cookies

98 HTTP transactions
1 data transactions