buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhgalter.com.ua/
Effective URL:
https://buhgalter.com.ua/
Submission: On April 01 via api (April 1st 2022, 3:04:34 am UTC) from GB — Scanned from GB

Summary HTTP 269 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 47 domains to perform 269 HTTP transactions. The main IP is 136.144.183.196, located in Zoetermeer, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2021. Valid for: a year.

This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	136.144.183.196 136.144.183.196	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
7	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
19	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	95.170.82.90 95.170.82.90	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
3	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:3c01::f0... 2600:3c01::f03c:91ff:fe79:43b	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 1	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	148.251.121.152 148.251.121.152	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	37.97.131.40 37.97.131.40	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5 16	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	141.94.242.148 141.94.242.148	16276 (OVH) (OVH)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:fb:... 2a02:26f0:fb:5a4::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2.21.140.103 2.21.140.103	16625 (AKAMAI-AS) (AKAMAI-AS)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a	16509 (AMAZON-02) (AMAZON-02)
1	51.89.7.205 51.89.7.205	16276 (OVH) (OVH)
269	60

53 136.144.183.196 (Zoetermeer, Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net

buhgalter.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net

analytics.factor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c01::f03c:91ff:fe79:43b (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

jsonip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.121.152 (Braunlage, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.97.131.40 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-131-40.colo.transip.net

reactive.factor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

scontent-lhr8-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.212.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.242.148 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3210962.ip-141-94-242.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:5a4::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.140.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-103.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.205 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	buhgalter.com.ua 1 redirects buhgalter.com.ua	840 KB
34	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	205 KB
31	googlesyndication.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	158 KB
15	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 585 scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 9349	173 KB
13	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 4490 ghb.adtelligent.com — Cisco Umbrella Rank: 5454 sync.adtelligent.com — Cisco Umbrella Rank: 3777 ghb1.adtelligent.com — Cisco Umbrella Rank: 6394	143 KB
12	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 pixel.rubiconproject.com — Cisco Umbrella Rank: 348	12 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	94 KB
10	google.com analytics.google.com — Cisco Umbrella Rank: 829 www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
8	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 711 cdn.flashtalking.com — Cisco Umbrella Rank: 972 secure.flashtalking.com — Cisco Umbrella Rank: 2393	242 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 734 gum.criteo.com — Cisco Umbrella Rank: 389 mug.criteo.com — Cisco Umbrella Rank: 2685	8 KB
8	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3192 adservice.google.co.uk — Cisco Umbrella Rank: 5023	2 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 25164 id.gravitec.net — Cisco Umbrella Rank: 135497	62 KB
6	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446 image6.pubmatic.com — Cisco Umbrella Rank: 610	2 KB
6	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 470 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	58 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	17 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	200 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 374 px.moatads.com — Cisco Umbrella Rank: 395	102 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1485	834 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	136 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	162 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1776	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 599	890 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1104	793 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	59 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1005	344 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6033	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 954	90 KB
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 173556	24 KB
2	factor.ua analytics.factor.ua reactive.factor.ua	687 B
2	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 20133	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	32 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 607	534 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1481	297 B
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1086	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7716	337 B
1	gstatic.com fonts.gstatic.com	16 KB
1	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 6823	934 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5802	178 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6183	258 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 6602	351 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 381661	169 B
1	jsonip.com jsonip.com — Cisco Umbrella Rank: 24062	453 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	12 KB
0	invamia.com Failed ad.invamia.com Failed
269	47

	Domain	Requested by
53	buhgalter.com.ua	1 redirects buhgalter.com.ua
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
14	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
11	s0.2mdn.net	buhgalter.com.ua s0.2mdn.net
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	fastlane.rubiconproject.com	player.adtelligent.com
7	www.google.com	buhgalter.com.ua tpc.googlesyndication.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
7	cdn.gravitec.net	buhgalter.com.ua cdn.gravitec.net
6	cdn.flashtalking.com	servedby.flashtalking.com cdn.flashtalking.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net buhgalter.com.ua
6	ghb.adtelligent.com	player.adtelligent.com
6	www.google.co.uk	buhgalter.com.ua
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com buhgalter.com.ua
6	googleads.g.doubleclick.net	www.googleadservices.com f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com buhgalter.com.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.facebook.com	buhgalter.com.ua connect.facebook.net
5	connect.facebook.net	buhgalter.com.ua www.googletagmanager.com connect.facebook.net
4	gum.criteo.com	2 redirects static.criteo.net
4	image6.pubmatic.com	4 redirects
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.googletagservices.com	buhgalter.com.ua securepubads.g.doubleclick.net f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
4	player.adtelligent.com	buhgalter.com.ua player.adtelligent.com
3	px.moatads.com	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
3	mug.criteo.com
3	ib.adnxs.com	1 redirects player.adtelligent.com googleads.g.doubleclick.net
3	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	buhgalter.com.ua www.googletagmanager.com
2	e.dlx.addthis.com	2 redirects
2	googleads4.g.doubleclick.net	buhgalter.com.ua
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects buhgalter.com.ua
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	sync.adtelligent.com	1 redirects buhgalter.com.ua
2	use.fontawesome.com	buhgalter.com.ua
2	s.zmctrack.net	buhgalter.com.ua
2	l.getsitecontrol.com	buhgalter.com.ua l.getsitecontrol.com
2	www.googleadservices.com	buhgalter.com.ua www.googletagmanager.com
1	id5-sync.com	player.adtelligent.com
1	secure.flashtalking.com	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
1	ag.innovid.com	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
1	z.moatads.com	cdn.flashtalking.com
1	secure.insightexpressai.com	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
1	googlecm.hit.gemius.pl	1 redirects
1	servedby.flashtalking.com	f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
1	scontent-lhr8-1.xx.fbcdn.net	www.facebook.com
1	reactive.factor.ua	cdn.jsdelivr.net
1	fonts.gstatic.com	fonts.googleapis.com
1	rtb.adxpremium.services	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	t.trafmag.com	buhgalter.com.ua
1	loadercdn.net	buhgalter.com.ua
1	analytics.google.com	www.googletagmanager.com
1	id.gravitec.net	cdn.gravitec.net
1	jsonip.com	buhgalter.com.ua
1	analytics.factor.ua	buhgalter.com.ua
1	fonts.googleapis.com	buhgalter.com.ua
1	cdn.jsdelivr.net	buhgalter.com.ua
0	ad.invamia.com Failed	securepubads.g.doubleclick.net
269	71

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
factor.media

Subject Issuer	Validity	Valid
buhgalter.com.ua Sectigo RSA Domain Validation Secure Server CA	`2021-11-08` - `2022-11-08`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-08` - `2022-04-08`	3 months	crt.sh
*.factor.ua Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2022-12-28`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-04-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
jsonip.com R3	`2022-03-16` - `2022-06-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
loadercdn.net R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-09` - `2022-05-10`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.insightexpressai.com DigiCert SHA2 Secure Server CA	`2021-05-07` - `2022-05-12`	a year	crt.sh
cdn.flashtalking.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: 8A57997E787ED66CF2F90BF6074E6597
Requests: 240 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 7DD94C8552FAE012BCA394D7A0CB7F94
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: E5AD291F635FB94707B542E56260B37F
Requests: 1 HTTP requests in this frame

Frame: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B1FDBF31603E3E233FE0F8F645B6320
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 2BC53458F7D73FEDD0DEAB3EF7C40157
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6163B0973A7975910D0C56463CFA066E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df204d62dad21f34%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff1734d062b8e14c%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Frame ID: 0AF6AA88685CCB24C923DD8C357B38A9
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9087745002617372A5204681316D5D21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 143DFF695B3F343CC6D13D36F6A6F788
Requests: 2 HTTP requests in this frame

Frame: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69B29D85A2F8C2B24276F2A20C840C40
Requests: 16 HTTP requests in this frame

Frame: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E7370914A1A6E64D4E17D82162D02869
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4BD39HVzc_KwCOsV9xfpe07JRdaIy6SapWLk5G3dcWdh3L14zvlrk-6y8-JNynIy1y7etwUc_K6LMRXEjW8e95dOwechAdNHO_m3mkLoS1_gnWODMCqdA0WQJRt8DsTbXtnRMQ79GpS_pCBcLmS34KOYERBWqQv2vzZLpvWSalfUWl7iOH-NR7OdBFvMw6e-sA6ifI1G05o5l2ErnSVgYoT0PM-DDiL0BVjub1oBoP0hIBgJ9ePxsyHCwxCtNpHADXTEdf-gLDmwStc2y1vS375KkgS1i3r34miSCMm4mk3wzru4EqbqIsODTaYSgZDklrtjgjpQ&sig=Cg0ArKJSzJ3SB8oABhY2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FA71DC1A2330722AA1B4C30058B26548
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYoOTswQEwAQ&v=APEucNVZqT3IY4VqhWxqFVd4DSHjLaXsLR049_GOxAfuVsKIktpN2Yl_GgX531HLfzADRmLwznjMTouUuXyOT3D-Z_9l2PtP-7hkEd4gm4q8px0PsgrWWyw31y_VllAUO5iBUAB6vQBm4BMW-8s4SZLCcyXyHjQhWyYmVJfKaRCBQhgTq97ZTqg
Frame ID: 8076455887B2A70150D73C535C717520
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8
Frame ID: CB27034E47A5A2396DA6685E8B58C485
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCDBDF6F7BDFE1ECD7C861FB1D53BDF0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8670EC17B8B07451BD12433FDF16F678
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6AB1720F59CC5452B2F4EEF5F2A62778
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6526861/1646909013501/index.html
Frame ID: 3F8493E8A980CD4A4B6C993C749ED557
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua
Frame ID: 0D54ED539264F16ED84B0240815694D4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/142462/3451573/index.html
Frame ID: AD996C4957A83A90444A87CD3BE964C8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3AC25D81238EA1C6B76216F8084BF3A4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

269
Requests

91 %
HTTPS

46 %
IPv6

47
Domains

71
Subdomains

60
IPs

8
Countries

2876 kB
Transfer

7693 kB
Size

57
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://i.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Factor Електронні версії бухгалтерських журналів

Search URL Search Domain Scan URL

URL: https://factor.academy/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: FactorAcademy Онлайн курси, вебінари для бухгалтера

Search URL Search Domain Scan URL

URL: https://buhgalter911.com/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Бухгалтер 911 Бухгалтерський облік, оподаткування, звітність

Search URL Search Domain Scan URL

URL: https://reklama.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: РЕКЛАМОДАВЦЯМ

Search URL Search Domain Scan URL

URL: https://bit.ly/2Xc9ih4
Title: Відео

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=top-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/journals/bb/about.html
Title: Передплатити журнал

Search URL Search Domain Scan URL

URL: https://bit.ly/2TJ43qe
Title: Архів чату

Search URL Search Domain Scan URL

URL: https://factor.media/

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/journals/bb/

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/journals/ms/

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/journals/ot/

Search URL Search Domain Scan URL

URL: https://bit.ly/3eOTfff

Search URL Search Domain Scan URL

URL: https://bit.ly/2XoPSWH

Search URL Search Domain Scan URL

URL: https://bit.ly/2XonSCj

Search URL Search Domain Scan URL

URL: https://bit.ly/3f7scvI

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9f5d559d1786be6d

Request Chain 125

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=49030dc5-4be6-471b-bff7-26ccf201d0e9

Request Chain 141

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&e_pubcid=f5afa93e-1b10-408c-8b14-f3a4a7634827 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&e_pubcid=f5afa93e-1b10-408c-8b14-f3a4a7634827

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1&C=1

Request Chain 278

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZrvuoYWiuewhWnCJ9fNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB1_XT7ALvnYtRC6Boj-gAk&google_cver=1

Request Chain 280

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Njk2MzE2MjQ1NTc3OTE4Mw%3D%3D

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRJ2aTlGcW1U6rHSgVEkRM&google_cver=1

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPNUeR9Xdni0NEsGU-7lTGk&google_cver=1

Request Chain 299

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ5xp0LTbY71jKotfoLhNBBFpYYrr-xqcP06BZXukZcYifVfvnsBBieGVDNA1SK83URwxb7_Duxf9MBns_SsO0lOlni_qCW&google_gid=CAESEK2wbfU3q7unEuNsqd7AFEU&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL7XmZIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKNXhwMExUYlk3MWpLb3Rmb0xoTkJCRnBZWXJyLXhxY1AwNkJaWHVrWmNZaWZWZnZuc0JCaWVHVkROQTFTSzgzVVJ3eGI3X0R1eGY5TUJuc19Tc08wbE9sbmlfcUNX HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdXdISjVZVGtsRTl1OEhaTms3Z3c3alBZbkxiTnRBS0xxMkU5bktUTXRmZw==&google_push

Request Chain 301

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMBkv8rPACy1Pawq6spljXA&google_cver=1&google_push=AYg5qPJz1mIbVA1lKO9Hw_nPdrxYqxnPU7z2l17_N9IMI1kZNAqH-pJ58vCAFGxCYEmGEoCCefjORw16yr6zGK8mNlnODkCQGBFodw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMBkv8rPACy1Pawq6spljXA&google_cver=1&google_push=AYg5qPJz1mIbVA1lKO9Hw_nPdrxYqxnPU7z2l17_N9IMI1kZNAqH-pJ58vCAFGxCYEmGEoCCefjORw16yr6zGK8mNlnODkCQGBFodw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LYI1LKb2Q2GrTjk7fVpVOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJz1mIbVA1lKO9Hw_nPdrxYqxnPU7z2l17_N9IMI1kZNAqH-pJ58vCAFGxCYEmGEoCCefjORw16yr6zGK8mNlnODkCQGBFodw

Request Chain 302

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7eX2GfwpkjPP9bv2t3F9I&google_cver=1&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyyScn8t-eWgKsmrzAuZsvh0LC_w2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyyScn8t-eWgKsmrzAuZsvh0LC_w2A

Request Chain 303

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_cver=1&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1

Request Chain 304

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMy_ZaAufbMXhKw3kBMC4V8&google_cver=1&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJCfVnDuVAc6Zj4JlB3Y7_aW7rRhoLOOyP67lAhksR4JF8fQqnemeBt6hs9wrqVggN-ttWL-eRgVSF9w HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJCfVnDuVAc6Zj4JlB3Y7_aW7rRhoLOOyP67lAhksR4JF8fQqnemeBt6hs9wrqVggN-ttWL-eRgVSF9w&google_hm=

Request Chain 325

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cJNH63wrdzFLNjAxL1RjWVU4NnBsOVQ3RzFpUkM2VWNBWjFIVnhsQWVtZnNpaGlyWXJSRUZLVjAvTnBWQjFTVG8zb0tVbmU4ZVRtYmJsamwvOEpkMEFxRW45OTdFYjN5SHdNaW54YUpXSUdOOHJwVnhCUituT2xXYmt6RnBLbU5sT0hzekh0YjdwbXhrbEVJY1Z0eTJhUlFtekd2QlZHN1RZdGwwSzBEK0xUczV3RGdFREZmNVBrVHVUY1ZpOWovZ1BpWWM5aWltSnZ6eThNalFZaHZvNzBZR1lhR3R0d2pzTk1KVktTcFNraUVJeUR3aExUZUc5WUJRdVIzU2loZ1lVTE9nU29ubnVJNmlSek9jNEpaYnFYeHExQT09fA&cppv=2

Request Chain 334

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELANwllJQZIk0wA6IXVCDfc&google_cver=1&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2lUL7kt6fOeeK0IiyLPw9aOckondFe8QNAy0pfh1zzL HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2lUL7kt6fOeeK0IiyLPw9aOckondFe8QNAy0pfh1zzL&google_hm=df9DmtaNYd8BrKzjQlVmQg

Request Chain 335

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZzB7DTKWUjIzstpryYHgt2HKPVrjIcr&google_gid=CAESELjenm_yPhNT0hMBDEfQIDA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZzB7DTKWUjIzstpryYHgt2HKPVrjIcr&google_gid=CAESELjenm_yPhNT0hMBDEfQIDA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDEwMzA0MzEwMDA2ODMzNTM0NjE0MA%3D%3D&google_push=AYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZzB7DTKWUjIzstpryYHgt2HKPVrjIcr

Request Chain 337

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMBkv8rPACy1Pawq6spljXA&google_cver=1&google_push=AYg5qPKKyeyeQicJrnA_micJPx-QZpAycg_Rj5jaKwoirwAI96hE6jBkAc_cm0W-VDrOizGdBzu9wQ16h7M3_1jJfEZedc1Cqpid HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMBkv8rPACy1Pawq6spljXA&google_cver=1&google_push=AYg5qPKKyeyeQicJrnA_micJPx-QZpAycg_Rj5jaKwoirwAI96hE6jBkAc_cm0W-VDrOizGdBzu9wQ16h7M3_1jJfEZedc1Cqpid&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW0Ji2pFSTW_UIhVn8Elmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKKyeyeQicJrnA_micJPx-QZpAycg_Rj5jaKwoirwAI96hE6jBkAc_cm0W-VDrOizGdBzu9wQ16h7M3_1jJfEZedc1Cqpid

Request Chain 338

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7eX2GfwpkjPP9bv2t3F9I&google_cver=1&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn03DO9SOFtYLjELK3T1eUnlgHr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn03DO9SOFtYLjELK3T1eUnlgHr

Request Chain 339

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_cver=1&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv

Request Chain 353

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=QEvlhnxENSsrTzZNcFN2TDFDQVY2RWpOYTBoc2ZESkpWSWZqQU8wT1U4dERMdTg5anJPdWVEVVhCakN6OEZFanNtSlQwTlpaemVxUkNqdUhVVVNGL3hXMkNMNTdMRFJ4dVV4MS9HOHRCT0J2SXprSGl6Z3BvMzM5R2dVYWNmd0JleVZLclJBYS84YlNWbWhlOXBoWmYwczF3dlhIWDQwekt5dnBubFVxKzR2QnY5ZHd4ajV1V2JnTVA3ajNzZWJtVGVpVS9neHdhZnRFWTdNaFMza1ltQytNSUVmUFozSm5vRm5ZYnkvemdSejRTSCtuSE5TTy8zcTdPSUtXN0NHYWhuSUN4R2JZNTFzcFl1NDJmWmNPRzMxYVBOZz09fA&cppv=2

269 HTTP transactions
89 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
buhgalter.com.ua/
Redirect Chain

http://buhgalter.com.ua/
https://buhgalter.com.ua/

144 KB
38 KB

231ms
147ms

Document
text/html

136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://buhgalter.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

136-144-183-196.colo.transip.net

Software

nginx /

Resource Hash

9abc711251b1d5c2d93f34ff71a32b27cbd7002b3a15411ac13f210b6428a6dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 03:04:26 GMT
expires: Fri, 01 Apr 2022 04:04:26 GMT
last-modified: Thu, 28 May 2020 12:12:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 01 Apr 2022 03:04:26 GMT
Keep-Alive: timeout=5, max=100
Location: https://buhgalter.com.ua/
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubdomains;
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 94 KB
33 KB 85ms
85ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 25 Jan 2019 12:46:20 GMT
server: nginx
etag: W/"5c4b051c-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 64 KB
18 KB 211ms
95ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:05:19 GMT
server: nginx
etag: W/"61fa494f-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:10:07 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
784 B 89ms
89ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 12:00:31 GMT
server: nginx
etag: W/"5d1b475f-656"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 12 KB
6 KB 89ms
89ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?v=20210222
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 06:46:08 GMT
server: nginx
etag: W/"611dfe30-2fc1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 main.js Show response
buhgalter.com.ua/assets/templates/base/js/ 28 KB
8 KB 102ms
102ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/main.js?1633614701
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7d68bf16f9dfd99f7fa09fc4a5eecdac68c35c88acd20d442c69715e0e125ef6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 13:51:41 GMT
server: nginx
etag: W/"615efb6d-6ff4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 advert.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 102ms
102ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2016 08:07:56 GMT
server: nginx
etag: W/"5857955c-947"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
798 B 89ms
89ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 11:14:45 GMT
server: nginx
etag: W/"620cdca5-90d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 211ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

314627072eed744a7751f13b4060fe6c5510437b8376bbeb9e3f00bc14c80953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38091
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 config_accounts.js Show response
buhgalter.com.ua/assets/templates/base/js/ 676 B
885 B 102ms
102ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Thu, 11 Nov 2021 09:07:41 GMT
server: nginx
etag: "618cdd5d-2a4"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 676
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 all-sites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
7 KB 104ms
100ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=18012022
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 44efff41d0d15b2c8a71e9b0363c1da9b56af5b022813522d3495f6bccc29855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 07:37:42 GMT
server: nginx
etag: W/"61e66e46-7beb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 14 KB
3 KB 58ms
57ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?v=20210310-5799
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 311f12283591ddf862c5164f47f2b1cff87aa739385d785b9a7d37f61dfbf5f3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 07:26:39 GMT
server: nginx
etag: W/"608a5faf-39e0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 7 KB
2 KB 59ms
58ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?v=20210423
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f4a200874570c195f6c49b82b17fe002032c87eb697b19c70f5c049b32bb2b91

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 08:01:23 GMT
server: nginx
etag: W/"608bb953-1b04"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 env_icon.png
buhgalter.com.ua/assets/templates/base/images/ 749 B
949 B 104ms
100ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/env_icon.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b31fe2b6af2b697209125a16140b060c511bdec34f3ea28c8c56976beacdaefb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Mon, 13 Apr 2020 08:20:47 GMT
server: nginx
etag: "5e9420df-2ed"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 749
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 sockjs.min.js Show response
cdn.jsdelivr.net/sockjs/0.3.4/ 33 KB
12 KB 175ms
64ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 925497
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-lcy19243-LCY
timing-allow-origin: *
server: cloudflare
etag: W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f4e18f0fe1f4052-LHR

GET
H2 200 factor-logo-green.png
buhgalter.com.ua/assets/templates/base/images/ 2 KB
2 KB 104ms
100ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/factor-logo-green.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f8636f840e55868b04f7621502a452351269ffd7ce2fa600c15dda7fafb66da0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Wed, 26 Feb 2020 09:05:33 GMT
server: nginx
etag: "5e5634dd-92e"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 2350
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 bb.jpg
buhgalter.com.ua/upload/banners/journals-31-08-18/ 16 KB
16 KB 105ms
102ms Image
image/jpeg 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/upload/banners/journals-31-08-18/bb.jpg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b5cfb2ebe32805d7643546c8906515cd6f8c70f29597fb9abaf46e029044c496

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Mon, 22 Nov 2021 14:55:39 GMT
server: nginx
etag: "619baf6b-407a"
content-type: image/jpeg
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 16506
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ms-new-min.jpg
buhgalter.com.ua/assets/templates/base/images/pub/ 5 KB
5 KB 105ms
103ms Image
image/jpeg 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/pub/ms-new-min.jpg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 59930862af8eeece2cdac39829c922e109f0eebed8049ae6229ad25deb8089f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Fri, 02 Jul 2021 08:41:50 GMT
server: nginx
etag: "60ded14e-125d"
content-type: image/jpeg
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 4701
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 b-com-min.jpg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
5 KB 106ms
103ms Image
image/jpeg 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/b-com-min.jpg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 24bbe137f237a6630db0061ede2daa44c062a28761b6c5375653a26a45a8dc6f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Wed, 26 May 2021 16:52:25 GMT
server: nginx
etag: "60ae7cc9-145f"
content-type: image/jpeg
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 5215
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 bb-min.png
buhgalter.com.ua/assets/templates/base/images/ 6 KB
6 KB 113ms
110ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/bb-min.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e1b794cc9478098a88362aeb9c2ee3c0f84a4c55d1eb34d72f5b41dc0c602ad5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Fri, 06 Apr 2018 11:16:36 GMT
server: nginx
etag: "5ac75714-16ea"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 5866
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 privat.svg
buhgalter.com.ua/assets/templates/base/images/footer_icons/ 531 B
735 B 113ms
111ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_icons/privat.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: bda57657e18fe9533bbcc9e1aee5f305fd6c19f271b478639b9f25455dd27ce6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Fri, 10 Sep 2021 06:22:12 GMT
server: nginx
etag: "613af994-213"
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 531
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 visa.svg
buhgalter.com.ua/assets/templates/base/images/footer_icons/ 1 KB
966 B 113ms
111ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_icons/visa.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 3a4529b12c7684943d7612770b24292a5a5cf199e1ad370eff2c56a53f56461a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 06:22:12 GMT
server: nginx
etag: W/"613af994-55a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 mastercard.svg
buhgalter.com.ua/assets/templates/base/images/footer_icons/ 3 KB
1 KB 113ms
111ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_icons/mastercard.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 90b2c189be5f0290cd8d7003c28c08de7df1eb1d6240b24f699fc75a4132b70e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 06:22:12 GMT
server: nginx
etag: W/"613af994-cf1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 logo_web.gif
buhgalter.com.ua/assets/templates/base/images/ 35 KB
35 KB 115ms
113ms Image
image/gif 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_web.gif
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: be625afbc485e960e06e97f06fd611767c597ec27ec976a899408074d2a78078

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Fri, 25 Mar 2016 08:11:53 GMT
server: nginx
etag: "56f4f2c9-8bb4"
content-type: image/gif
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 35764
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 404 js.cookie.min.js
buhgalter.com.ua/assets/templates/base/js/ 0
0 53ms
53ms Script
text/html 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 209ms
72ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

42a19d98efbb64845bf7ea7482fc3a852d0c8de8b5bdf2cbb781630ad76f3482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17208
x-xss-protection: 0
server: cafe
etag: 9595178060056202161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 chat2.js Show response
buhgalter.com.ua/assets/templates/base/chat/js/ 14 KB
5 KB 160ms
158ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 06 Dec 2019 12:43:42 GMT
server: nginx
etag: W/"5dea4cfe-375c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 favorites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 5 KB
1 KB 57ms
57ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:16:23 GMT
server: nginx
etag: W/"5c5bf767-140a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ads_remove_popup.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 57ms
57ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:14:29 GMT
server: nginx
etag: W/"5c7e2fe5-c04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 analytics.js Show response
buhgalter.com.ua/assets/templates/base/js/ 9 KB
2 KB 58ms
57ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 13:17:17 GMT
server: nginx
etag: W/"60f186dd-22ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 content_breaker.js Show response
buhgalter.com.ua/assets/templates/base/js/ 785 B
994 B 58ms
58ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Thu, 02 Dec 2021 17:20:38 GMT
server: nginx
etag: "61a90066-311"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 785
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 check_access.js Show response
buhgalter.com.ua/assets/templates/base/js/ 302 B
511 B 58ms
58ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Thu, 02 Dec 2021 17:16:14 GMT
server: nginx
etag: "61a8ff5e-12e"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 302
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 copy-print.css
buhgalter.com.ua/assets/templates/base/css/ 3 KB
949 B 58ms
58ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/copy-print.css?1563536971
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: fce47c008bc1eedf3d2f5efe16ffee0aa0e5ac44254b5ecce2c7de7273e54e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Fri, 19 Jul 2019 11:49:31 GMT
server: nginx
etag: W/"5d31ae4b-a33"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 cut_copy_error.png
buhgalter.com.ua/assets/templates/base/images/ 1 KB
1 KB 160ms
159ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/cut_copy_error.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e6fce2657668d80c13f0b61064202b609505fedeaf02cbc1f83ef1b8fff6cb8a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Tue, 16 Jul 2019 12:30:51 GMT
server: nginx
etag: "5d2dc37b-4be"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1214
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 58ms
58ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 135d61e6a484f98a225e6c68264d7021f18ace3f1ce0ae8611b7c2b0c256f209

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 10:32:42 GMT
server: nginx
etag: W/"5ebd1e4a-13bb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ic-block.png
buhgalter.com.ua/assets/templates/base/images/ 34 KB
34 KB 163ms
161ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ic-block.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 448f7fb85b4c5699d46f1899d90c7d3266413020bffa738ac33b6b0ba21d2399

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Tue, 12 May 2020 07:15:13 GMT
server: nginx
etag: "5eba4d01-8888"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 34952
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 accounts_manager.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
740 B 59ms
59ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 07:56:35 GMT
server: nginx
etag: W/"600e79b3-609"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ads_turn_off.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 59ms
59ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1640073844
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e904243c8ba54726547afae3e2cf80dd5394b98841b54716a5deae86f3d67aa8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 08:04:04 GMT
server: nginx
etag: W/"61c18a74-d2f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 v7nxv24k.js Show response
l.getsitecontrol.com/ 433 B
1 KB 207ms
55ms Script
text/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/v7nxv24k.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 8a109b74b240d241933b3e01970cbd4b242035e1c476f7ff4b394b7926fb00e4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: A15TZC1NWMBEYB4G
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/30/2022 23:51:44
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Rw/lQ8Gc26yxd+S+gC/tUHm+lBnBK3ztPe1j1Q/t8PjeLoGnhz/e2VQ1Bkn7Nuzgrc6eYwnuZZ4=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 15:46:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"9e4cec39b6cab3a5066e9f54e8b61a85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=86400
cdn-requestid: 3ecb86fcac9449249b15859864f397aa
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lw.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
834 B 59ms
59ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 15:15:02 GMT
server: nginx
etag: W/"61def076-73c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 paywall_counter.css
buhgalter.com.ua/assets/templates/base/css/ 7 KB
1 KB 59ms
59ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/paywall_counter.css?1638464533
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a31a9769677c0e5e9f40a8ad5f40ece87ab2e1a27371caaa0abf52539f5225c8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 17:02:13 GMT
server: nginx
etag: W/"61a8fc15-1a0e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 cup_coffee.svg
buhgalter.com.ua/assets/templates/base/images/paywall/ 113 KB
83 KB 176ms
174ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/paywall/cup_coffee.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 07:46:47 GMT
server: nginx
etag: W/"60487967-1c399"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 ic-pay-access.png
buhgalter.com.ua/assets/templates/base/images/ 2 KB
2 KB 176ms
175ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ic-pay-access.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Fri, 29 Jan 2021 11:15:23 GMT
server: nginx
etag: "6013ee4b-841"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 2113
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 wrapper_hb_299506_4371.js Show response
player.adtelligent.com/prebid/ 786 B
748 B 242ms
62ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19083
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb1f1665d7d36ff738dcb494fb38266ebc6a0c9de10887324006b9e0b7e4c539

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 14:25:51 GMT
server: nginx
etag: W/"6244686f-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 03 Apr 2022 03:04:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
60 KB 283ms
152ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ff294af494f628f10f247ce8a14ad10273d27e3ddc3e3f8bc80763c6bd25211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60989
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 209ms
76ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?v=20210310-5799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:43:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:04:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 4 KB
4 KB 160ms
160ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:26 GMT
last-modified: Thu, 17 Jun 2021 10:19:17 GMT
server: nginx
etag: "60cb21a5-f41"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 3905
expires: Fri, 15 Apr 2022 03:04:26 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 177ms
64ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0673a67906e341eb7c6158899b672c6701aa4febb161fc0dfbd440ead60f30aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
x-correlation-id: 95b88f6d4a54d3ebbc3ee9a144e61be4
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 63ms
59ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Tue, 15 Jun 2021 12:47:48 GMT
server: nginx
etag: "60c8a174-25c4"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9668
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dec_line2.png
buhgalter.com.ua/assets/templates/base/images/ 228 B
428 B 60ms
60ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/dec_line2.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?v=20210423
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 4434af4fb7f6dcd25c06a6979ee9d9965188ba85e7860e8ded9d730a3419afb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?v=20210423
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Mon, 13 Apr 2020 08:20:47 GMT
server: nginx
etag: "5e9420df-e4"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 228
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 221ms
77ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f447d61fcc469934a877b4b75120cdef375c02bacd928a0998e877da6fd89482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7b+CoNO3eBaHPe2iPW43Xg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2165
x-fb-rlafr: 0
x-fb-debug: 8UbT1Cbg5c2EuCdCVWuktut5dy3HViSffREFeG8DyxK/dyU/+RT8SL2o68iLTFwV3ygyD+HgI8/Mj15I42gO+g==
x-fb-trip-id: 917726464
x-fb-content-md5: 05a761f288ba98ee7c893a5e90e52d96
x-frame-options: DENY
date: Fri, 01 Apr 2022 03:04:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "22e7f2e6890090b74f25cbc019c2b047"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Apr 2022 03:21:55 GMT

POST
H/1.1 200
OK add Show response
analytics.factor.ua/analytics/ 0
242 B 428ms
254ms XHR
text/html 95.170.82.90
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.factor.ua/analytics/add
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 95-170-82-90.colo.transip.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 z Show response
s.zmctrack.net/ Frame 7DD9 50 KB
23 KB 515ms
240ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: ac1806c547b33c96ca5c52c8a6ef807e01c05baff00f993742e974d509065932

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23391
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 2 KB
2 KB 224ms
85ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1648782267201&cv=9&fst=1648782267201&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2278104b49720a432453998bbbb45829d7a8a07c2f928375c1eecaf784a3303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
jsonip.com/ 152 B
453 B 616ms
182ms Script
application/json 2600:3c01::f03c:91ff:fe79:43b
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonip.com/?callback=jQuery111106043186239408238_1648782266896&_=1648782266897

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx/1.20.2 /

Resource Hash

4f1e2fbf7a7df4c0045fb6a384d94ad9f76679cebe5e1658cfb439fd0bb39549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:27 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 v7nxv24k.json Show response
l.getsitecontrol.com/ 26 B
893 B 337ms
210ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/v7nxv24k.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/v7nxv24k.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 766
x-amz-request-id: T82PB62YNP20X2DY
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/09/2022 22:42:26
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: QLQG27F7BMILNZNFeqq7/2sfowL8DqRTeGjHOGKsHIj7hRij8CopYL0QzcZePRc3TaD8rYR/Rcs=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Mon, 07 Mar 2022 12:00:07 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"93810944f20c0434e4e2ea2795b1c469"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: d80ed78a3237515e797bb162449d5b0b
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hbw_master_299506_4371.js Show response
player.adtelligent.com/prebidlink/457995/ 123 KB
29 KB 145ms
144ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19083
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 121c2db4893e288f08458cf3571762c887647298620ec0e8e74f85f515c1bf82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 14:25:51 GMT
server: nginx
etag: W/"6244686f-1ea66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 03 Apr 2022 03:04:27 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 223ms
82ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e08bc9b80996769fbd4d7f7275dbf0bbd477a433f4621ec04be63110cb6896f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28281
x-xss-protection: 0
server: sffe
etag: "1174 / 768 of 1000 / last-modified: 1648764545"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 849 KB
458 KB 63ms
63ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 10:45:44 GMT
server: nginx
etag: W/"60e585d8-d4267"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 favourites.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 268ms
268ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1549530487
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b7e5a16afe5493961690e4e41f66a8031db0bc3065aebbe95414494837ccd23c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:08:07 GMT
server: nginx
etag: W/"5c5bf577-15d9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 3 KB
973 B 268ms
268ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:49:34 GMT
server: nginx
etag: W/"5c7e381e-a18"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 186ms
75ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8181386
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: XAEZMP79N5HDFW8W
x-amz-id-2: qRfP/50JtjpsoLcE12exu2WJEoBLr33ovgZZLWB9Zo94FDB+c+wzpIUrdhFxgjSWz6u/sfHBzvo=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMBZ13G8guM1PyBznk4WsRZzApFZ0%2FOvIN9cJAQcF9zZV4YwaNR7eg05iwlGoqyXIQAXldT1wG5tjRQAylM%2BThWi5snLgMpYsYA4xWl5rVcSYfvlMXVsaxwOXjFJ6l0RdZCJK6K6L%2BZTgPxHkj%2FCncNq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6f4e18f30f8572e5-LHR

GET
H2 200 media.css
buhgalter.com.ua/assets/templates/base/css/ 120 KB
41 KB 267ms
267ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 4a332e4376303ca434ff138b0872d64fc86a45101b51065c776206afe66c015a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 12:17:59 GMT
server: nginx
etag: W/"61e169f7-1de87"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 227ms
65ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3581
date: Fri, 01 Apr 2022 02:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Apr 2022 04:04:46 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame E5AD 621 B
700 B 315ms
72ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:04:27 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: Abk73BAfxJj/9JmNAQ
x-77-nzt-ray: VTHC2VD4RWw
x-77-pop: frankfurtDE
x-accel-expires: @1938085063
x-age: 26057204
x-cache: HIT

GET push-worker.js
buhgalter.com.ua/ Frame 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 92ms
91ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24c2b2f7841732ddd0cbea2353609e12aa6339a6a24d224b8dc0e509ce7a8211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66100
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 90ms
89ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14883
x-xss-protection: 0
server: cafe
etag: 14534967036905587165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 98 KB
38 KB 220ms
99ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dc4a90093e413fcbd18cc489a69a84465edcb5f81ec7229065cb135a6fdd7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38522
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 100ms
96ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b4b9c179a5e46f2042fcdd625d8e65c0de92dd2c5f22e422a3192dbb3d63640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dNcinxAo421nPqkm7ZaagA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Apr 2022 03:14:47 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: FDRqXtwyt9em/sa8/n7lLe9NaQrqG5Ln7XlMcrBgOjUeX8MELKM88FkeKOCpKC9XzZ3mlMnqFRQYWhZE5GH2YQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 114c2426e5fdecf42d4910033a6ae283
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Apr 2022 03:04:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1c4997c44ef7874e78ef5141f0b185c8"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 81ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: 8IOsHiTZ/ODMgtpDBXFCq0coMSJ1RTnp3OdOLZwHbStK5WOodypiP8s7u3G/MTXXqzjyYWKC/2G8q/+LKUbGYg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 01 Apr 2022 03:04:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 231ms
80ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1648782267387

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1648782267405&cv=9&fst=1648782267405&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f096d74315432ccdfbb5dfd564a72e47b587b55e287fbbd193d002a78cb6d8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1495025544106981 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 204ms
134ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1495025544106981?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a3c3481de257dc5d922b2b92851be28dfdaaef01ba33ae039ccfce541a4788d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: pgR+TWlQ1NfVa5V9ma99uCDMPDqLY0h0LsuIClxvpqQanwuQMOXeqXPMqIgpj5KaFd1rqyOI+T58BCfb+hPPDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Apr 2022 03:04:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 289 KB
82 KB 141ms
70ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=e78d81ed295bbe8c5fd56aaf93ce942f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57ff02f9cc3a7cabe1221cc44a07430be10791247794496ebbefe4f89b29c22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: C4X3ziEEpqe8v7eS29piZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84362
x-fb-rlafr: 0
x-fb-debug: 03X2YSdJ6rR2ytzcHi9igkte7rG0RyclgzDpCDBawW9k6N/WzpML8PI2HiXVU5PJ+T/vpNMEbzaYwxmwMRfjHA==
x-fb-content-md5: ff97cbf469ce6a50ffc1898c5c895e15
x-frame-options: DENY
date: Fri, 01 Apr 2022 03:04:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2210dbbd42d7d2180b4abab17d68f51b"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Apr 2023 02:47:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
347 B 234ms
79ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oe3u0&_p=641238539&sr=1600x1200&_gaz=1&ul=en-us&cid=912416073.1648782267&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sid=1648782267&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 274ms
139ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=912416073.1648782267&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 233ms
82ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=912416073.1648782267&gtm=2oe3u0&aip=1&z=752543097

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 135ms
73ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210528
cf-ray: 6f4e18f44877005b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: TP6iaaOMqWg4Pys7uhBLHdTeh2YW5fTIjHF1Jk315XXRUIbR3bwKnkMvmGmII/N2ZZvHVRpOvEI=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC8rhx3kupj%2F%2B%2FCHbDhHfblZ4ZOkBEXmmf6gxF3U9a3RBHBjBHa4z7Me32QEuEGeOFaz1qw9LIqpSe5mjC%2BQloHoBCxbaP%2FjRcoJ2TXDt7SZe0LcT8BabZNEcyWRuXZ2BIdZkIyiCDwAyEeUGpdgOHQF"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1HTVRR1YVWAMENR1
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 hb_299506_4371.js Show response
player.adtelligent.com/prebidlink/ex19083/ 352 KB
108 KB 88ms
88ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 585577abe91b88ad3c7e8ee6353fb2e6e1821fb1b73f321a387a7eb6fe3dff1d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 11:06:41 GMT
server: nginx
etag: W/"62288a41-57f1c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 03 Apr 2022 03:04:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975200280/ 42 B
548 B 243ms
72ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200280/?random=1648782267201&cv=9&fst=1648782000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=773902513&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/975200280/ 42 B
154 B 265ms
141ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/975200280/?random=1648782267201&cv=9&fst=1648782000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=773902513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/977649145/ 42 B
108 B 241ms
73ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977649145/?random=1648782267405&cv=9&fst=1648782000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=3600270935&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/977649145/ 42 B
108 B 262ms
141ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/977649145/?random=1648782267405&cv=9&fst=1648782000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=3600270935&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 125 B
374 B 331ms
48ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d2584c2f4bdc69a755732b678339b0f69b151ddc7aa7e4ee30a0a7eb8079bb2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:27 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 125
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
410 B 331ms
48ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=fue3qo.27&features=16416&vpbv=N054&lifecycle_tte=1044
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:27 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 240ms
156ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=641238539&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABRAAAAC~&jid=1579924409&gjid=2029407814&cid=912416073.1648782267&tid=UA-35985798-1&_gid=222964816.1648782268&_r=1&gtm=2ou3u0&z=1464555053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 239ms
156ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=641238539&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4CDACUABRAAAAC~&jid=&gjid=&cid=912416073.1648782267&tid=UA-35985798-1&_gid=222964816.1648782268&cd2=%D0%BD%D0%B5%D1%82&gtm=2ou3u0&cd1=%D0%BD%D0%B5%D1%82&z=330217867

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 01:16:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6483
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022032908.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
125 KB 194ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

81ba1ee0ac9dd087f7bf1f9cd2b5e30d04487a018b52061323dc7c8728557d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127474
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 19:32:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Mar 2023 22:49:46 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 266 B
776 B 272ms
68ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

424bacdef5fec4f25bbbdf3426f6163f8cb9149c0f28fbebf3438f7de0160c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:04:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 134ms
134ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=641238539&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAAC~&jid=490803720&gjid=1337558324&cid=912416073.1648782267&tid=UA-53572572-5&_gid=222964816.1648782268&_r=1&gtm=2wg3u0WVLD3W&z=280063697

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 129ms
128ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=641238539&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAAC~&jid=627570916&gjid=26251958&cid=912416073.1648782267&tid=UA-35985798-1&_gid=222964816.1648782268&_r=1&gtm=2wg3u0WVLD3W&z=145881912

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 424 B
624 B 56ms
56ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Thu, 28 May 2020 12:05:04 GMT
server: nginx
etag: "5ecfa8f0-1a8"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 424
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 fit_button_new.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
2 KB 55ms
55ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/fit_button_new.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 8429d286889a500a6549279dbb7135387b5c3167421d6f703d929f06910cf617

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 15:40:47 GMT
server: nginx
etag: W/"5e987c7f-138a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a74d051cb4f10fc6e724eafd37adaf9dd951c9e1786c48158d14c44a7c948a7c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae9dc62c51a79132774aa19bec7fea733c24b5a200d3ce68ba362ba7ead54396

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 312 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33469539b582e93d9b98eecbae3c3cc48965f030aeaad68cc56cbbf20f774923

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 631 B
831 B 55ms
52ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-277"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 631
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 200 smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 816 B
1016 B 55ms
53ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-330"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 816
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e5b66a959fea501a734824f70aa077d915830dfd1a627bc7b5a31ebd5212b16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_forum.png
buhgalter.com.ua/assets/templates/base/images/ 3 KB
4 KB 54ms
53ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_forum.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d6b329563ab2466783f3b47eecbe503544948991015d8ce711e3168d99f3adf3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Thu, 17 Jun 2021 14:28:16 GMT
server: nginx
etag: "60cb5c00-dce"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 3534
expires: Fri, 15 Apr 2022 03:04:27 GMT

GET
H2 204 /
loadercdn.net/ 0
169 B 333ms
114ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=cef5c5d494e23424&d=buhgalter.com.ua
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Apr 2022 03:04:28 GMT
server: openresty

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 115ms
57ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=1579924409&gjid=2029407814&_gid=222964816.1648782268&_u=4CDACUAARAAAAC~&z=245297488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Apr 2022 03:04:27 GMT
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 112ms
55ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53572572-5&cid=912416073.1648782267&jid=490803720&gjid=1337558324&_gid=222964816.1648782268&_u=6CDACUABRAAAAC~&z=694296311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Apr 2022 03:04:27 GMT
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 113ms
57ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=627570916&gjid=26251958&_gid=222964816.1648782268&_u=6CDACUABRAAAAC~&z=1987201700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Apr 2022 03:04:27 GMT
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 131ms
66ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1648782267827&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1648782267825.382864134&it=1648782267415&coo=false&exp=p1&rqm=GET

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 101ms
65ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1648782267856&sw=1600&sh=1200&at=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 01 Apr 2022 03:04:27 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 448 B
572 B 49ms
49ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=443990&aid2=443991&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d95fccc8a4d3363801ea0564fce8cd0ef5938d2f3aae4bfd873b192a8b2667ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:27 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 284

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 49ms
48ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 61ms
61ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 158ms
73ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53572572-5&cid=912416073.1648782267&jid=490803720&_u=6CDACUABRAAAAC~&z=2115560753

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 159ms
74ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53572572-5&cid=912416073.1648782267&jid=490803720&_u=6CDACUABRAAAAC~&z=2115560753

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 159ms
76ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=627570916&_u=6CDACUABRAAAAC~&z=141387263

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 158ms
75ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=627570916&_u=6CDACUABRAAAAC~&z=141387263

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 156ms
74ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=1579924409&_u=4CDACUAARAAAAC~&z=385977283

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 158ms
74ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35985798-1&cid=912416073.1648782267&jid=1579924409&_u=4CDACUAARAAAAC~&z=385977283

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9f5d559d1786be6d

35 B
351 B

97ms
30ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9f5d559d1786be6d
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9f5d559d1786be6d
Date: Fri, 01 Apr 2022 03:04:27 GMT
Server: VertaMedia 1.0
Etag: 9f5d559d1786be6d
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=49030dc5-4be6-471b-bff7-26ccf201d0e9

0
407 B

333ms
94ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=49030dc5-4be6-471b-bff7-26ccf201d0e9
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:27 GMT
Server: VertaMedia 1.0
Etag: 9f5d559d1786be6d
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=49030dc5-4be6-471b-bff7-26ccf201d0e9
date: Fri, 01 Apr 2022 03:04:28 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299481/ 2 KB
1 KB 143ms
44ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bfbdf8d87df823b9780a01f70ab265dbfd717bfffc70535a9b4ed94d28949e7e

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 12:01:13 GMT
server: nginx
etag: W/"62459809-8af"
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
expires: Sun, 03 Apr 2022 03:04:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 241ms
71ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 205ms
77ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
260 B 163ms
91ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3408811296539694&correlator=3935659249396959&eid=31063378%2C31065714%2C31066037&output=ldjh&gdfp_req=1&vrg=2022032908&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&sfv=1-0-38&ecs=20220401&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1648782268029&lmt=1590667965&dlt=1648782266773&idt=1214&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3523&msz=1920x-1&fws=640&ohw=0&ga_vid=912416073.1648782267&ga_sid=1648782268&ga_hid=641238539&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ab7d4fc44fda610b424117f678a138d8e05b2a0ed04ec111c9d8effa8c69a428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
269 B 172ms
99ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3408811296539694&correlator=17597625792215&eid=31063378%2C31065714%2C31066037&output=ldjh&gdfp_req=1&vrg=2022032908&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&sfv=1-0-38&ecs=20220401&fsapi=false&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1648782268036&lmt=1590667965&dlt=1648782266773&idt=1214&biw=1600&bih=1200&adxs=0&adys=3524&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3523&msz=1600x0&fws=0&ohw=0&ga_vid=912416073.1648782267&ga_sid=1648782268&ga_hid=641238539&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c691e14dcd01f0d0a301e401c5de5fc0a822061336e2a50b2fd34c48563755ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B1F 6 KB
4 KB 281ms
68ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
expires: Sat, 01 Apr 2023 03:04:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 35 KB
14 KB 373ms
239ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0a1ae4c33916870c08157d6570248dd85f2abfcc42a0974bba02080370943125

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:04:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9111a042-36a1-41c6-9b3a-2fc1313df75b
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 311ms
69ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=45238131192

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:04:27 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
330 B 436ms
199ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ed34b90ecfe5e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214e947e4344a1d6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2216de491fc4f868f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A610%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22610x90%22%7D%7D%2C%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2219a98a3418aea7c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A500%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x500%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222520243056d1a78%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A500%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x500%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223022596a19e4afe%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f5afa93e-1b10-408c-8b14-f3a4a7634827%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24c9c31520b41a77a783be86d3023478308bd028bbe36d1de491a6f63eaf8ecf

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[5.187.21.103], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 27
expires: Fri, 01 Apr 2022 03:04:28 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 343ms
99ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e7d147f0-d218-4875-b254-5ed47fa8bfdf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6327240907378195
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25ba457235ce8334294e71e4de5677b47d4dd7eaf9b49eae676e815b47e9c1cf

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 340ms
96ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=a8a29552-b9d0-467b-9e22-095d0b2eaa94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6194666980886858
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 29398a01e1ab5b4e039a9d372a1f1c8cc1355bbd08f2029aa342bee21e44716d

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 343ms
99ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=baf1f212-a656-4b43-b1ee-13759a4ef735&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.762003896986885
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 37bbd667b3cff3432ebd22ba68b2e18b7abcd5a4682be549cb61c67542caf117

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 345ms
101ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e7d6948a-a6d7-4cf1-be6b-6be7fec582d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9151414296382752
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f9e4089d0bb8b4ee69afde81ee2de2e321f74f6fd6c766837109e2c1fabd47ee

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 338ms
94ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=f3e751c3-7824-4e7f-a940-452b55adf982&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8494745419068854
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2fe27427c31970b671afe1575f74045da7a63972c49caabdae8b93471330f59c

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C25...
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C25...

445 B
861 B

67ms
66ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&e_pubcid=f5afa93e-1b10-408c-8b14-f3a4a7634827
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ff901b835d08f449d1c8b0b16dfc0e37d49571a5e1a1747db1491f858ec9c224

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://buhgalter.com.ua
expires: Fri, 01 Apr 2022 03:04:28 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 445
x-sid: AMS-743

Redirect headers

date: Fri, 01 Apr 2022 03:04:28 GMT
server: openresty
access-control-allow-origin: https://buhgalter.com.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.19515113201243262&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&e_pubcid=f5afa93e-1b10-408c-8b14-f3a4a7634827
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-743

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 998ms
116ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Fri, 01 Apr 2022 03:04:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
1 KB 335ms
99ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e7d147f0-d218-4875-b254-5ed47fa8bfdf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6083625147805409
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 55df2c659e1d6b7d622fdb3e08175c5d8f9655f4cfe7963a88a933e1c19d0e33

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 426ms
95ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=a8a29552-b9d0-467b-9e22-095d0b2eaa94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4753133335117319
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 48af1b1fa59053a1dcfde1e87b30889954ee392ed2401c52f92cded2bb4fce69

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 418ms
85ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=baf1f212-a656-4b43-b1ee-13759a4ef735&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18482694647383124
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0d1aa534990a50585edfa6d99331c0a8a38c602b37b9032eafe72bc95be5fb2d

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 423ms
86ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e7d6948a-a6d7-4cf1-be6b-6be7fec582d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04193953995550803
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 78658042fdb8ea68a095ea08d114e3776309bbed41ead7e185c69f4666826ebd

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 420ms
83ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&eid_pubcid.org=f5afa93e-1b10-408c-8b14-f3a4a7634827%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=f3e751c3-7824-4e7f-a940-452b55adf982&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06736519412259923
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5931264f10bf7fee4426124666333354889fc4eed0199df908b84ad213ab60b3

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 163ms
58ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Fri, 01 Apr 2022 03:04:28 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 1041ms
166ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Fri, 01 Apr 2022 03:04:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 4 KB
769 B 46ms
46ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 3ccd6d179d794aa7c17db153db0d32bad1137073b79755487cced22dce68c37e

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:04:28 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 481

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
676 B 302ms
57ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2ae5fd4e41224a9263409907c74a7db5d7c80bc9aad0b609a4a238f8b7a1d479

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:04:28 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 388

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 608 B
934 B 346ms
55ms XHR
application/json 148.251.121.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: egon
Software: /
Resource Hash: f51bb0a546dbfbf40dcc606a2fc94638be16302deb3ac982c55c76f43d3bb528

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:28 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 608
expires: 0

POST
H2 200 z Show response
s.zmctrack.net/ Frame 2BC5 102 B
451 B 110ms
110ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: ab1e1d2c3241edd8bba108a3351245d03b469ca6b7cb82e92995bac6f37dc2b1

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 logo_mob_new.png
buhgalter.com.ua/assets/templates/base/images/ 2 KB
2 KB 61ms
61ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_mob_new.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b85b745fa489a54767288f43654aa568b94813c1b46c4edcac86df0fbd0d22bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1642162679
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
last-modified: Tue, 15 Jun 2021 12:47:48 GMT
server: nginx
etag: "60c8a174-62b"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1579
expires: Fri, 15 Apr 2022 03:04:28 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 489 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1000 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 1 KB
1 KB 54ms
54ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Zoetermeer, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
last-modified: Tue, 13 Dec 2016 08:59:45 GMT
server: nginx
etag: "584fb881-490"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1168
expires: Fri, 15 Apr 2022 03:04:28 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 177ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 219747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 14:02:01 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6163 0
15 B 58ms
58ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://buhgalter.com.ua
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://buhgalter.com.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 group.php Show response
www.facebook.com/v3.2/plugins/ Frame 0AF6 53 KB
16 KB 109ms
109ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df204d62dad21f34%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff1734d062b8e14c%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=e78d81ed295bbe8c5fd56aaf93ce942f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d0008fbf94fa0a01ab709061cdf3f19def4715c47da75dd06ef342364e959f9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 2CwMSrDQpmWl9xok5TkRFNgTZFGRezkfrkfBDKU4iWWJhWgsZlcD5B6aeWEqzu3EOD2uvGdIvEqmAhLtszdn4w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 132ms
54ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032908&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e310ee2ad9c393f1c2276d3df52177b76f2b5196adeb738f0718b68823984126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10605
x-xss-protection: 0

GET
H/1.1 200
OK info Show response
reactive.factor.ua/buhgalter911_chat/ 78 B
445 B 123ms
33ms XHR
application/json 37.97.131.40
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://reactive.factor.ua/buhgalter911_chat/info
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.97.131.40 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 37-97-131-40.colo.transip.net
Software: nginx /
Resource Hash: 7cc646a81da660d874a020dc839ce9dd25de3de1c4bb12d592e59e5caed5c392

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:28 GMT
Server: nginx
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 _mow9f44iuT.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ Frame 0AF6 810 B
806 B 114ms
37ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/_mow9f44iuT.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df204d62dad21f34%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff1734d062b8e14c%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11c218596cc6e20a1492060c81a96ba6b4c3e1e2b3f574d42ee5aed2a807c124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yEClpGUZnZFPUohyjdJ/UQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 341
x-fb-rlafr: 0
x-fb-debug: 4wbJX3NZq6hlgjDuKYHi8u/FviIUFj4f+opLEu/veowVMtV6EG4vqMlh5QJ/Gz8m2xvm7n0v4/+ej9zMbAlYbw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 31 Mar 2023 04:33:31 GMT

GET
H2 200 wn2Dg7drpsL.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 0AF6 24 KB
6 KB 114ms
37ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/wn2Dg7drpsL.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0405a16ba84804ddb07a9a25afa0dab7d9a387bd0095a88aedd8d808ad1441e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4JDwGHS+YnPL9menjGU+6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5480
x-fb-rlafr: 0
x-fb-debug: ASx7dyXNwb3dq0bf0VXJ5qv1RibQ2eBImzL8wXfw5/EqeS8dW7/msLTxdeNma5jbaZqFV7ZlNbmODuPP2ARpMA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 31 Mar 2023 15:12:39 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 0AF6 2 KB
1020 B 114ms
37ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 815
x-fb-rlafr: 0
x-fb-debug: CLEZTg2S7VtZvNUDq7snPnEO6tbx7OaCpbucTKiSQ/uYb8/xrSbYEg+Y33RBwEhmyZMiGMKWGyI42MVdyKBSog==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 31 Mar 2023 04:29:32 GMT

GET
H2 200 GZLIoayJ99W.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/ Frame 0AF6 22 KB
5 KB 114ms
38ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/GZLIoayJ99W.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84cc71e6f3793bf27e9ddd04481fd1a476dd04aa4057410caefda377b00ce878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GVICHVR+moKHtB4pXNyEmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5360
x-fb-rlafr: 0
x-fb-debug: pmhGx/IFMj9YGemzVWjbx2INLNt4uXZ2BgbWU1Gp/1qy9HrK3rqMI35X+9nO2o96U00xpZZLj/Aa+J+8vTC47Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 31 Mar 2023 15:14:19 GMT

GET
H2 200 Tq_N4uAMCbj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 0AF6 307 KB
83 KB 114ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/Tq_N4uAMCbj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec88cf0db5b8b5eb893e68f74045ff0c523a7ad75ffc5b4ba09ccf3eabd916dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hz2FIc/yI7LxeaO3U6gymg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84484
x-fb-rlafr: 0
x-fb-debug: EDl7MZAd4j2iahdm2QsHv9Nq2uwjZgqjWWzcgmbl6fHGDWQJ8A7pFVUNFhCKt+/PSntFBNgJck41CtWKtfKjHw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 30 Mar 2023 21:37:23 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 0AF6 5 KB
2 KB 114ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yJ9Wq2491L53MWugs2kUlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1642
x-fb-rlafr: 0
x-fb-debug: SJsJljF92l2kk9pS/EO/ZYZwn14KjnHUTvZdjwf/xXRtG3HFrIkvPT34veGgKdbrOmZztBhKRosw6MrbNdp7Gg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:03:15 GMT

GET
H2 200 bn5IKAKfOiU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 0AF6 42 KB
14 KB 205ms
129ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/bn5IKAKfOiU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f957f0996053d409ed93207c211a1538f97466ba02605ed96fa6a66c42cc1c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f8Otbo9uUTQ4mUqw1oEruQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 13686
x-fb-rlafr: 0
x-fb-debug: NdOC0X3koRpvtws0kLU/VH/081Cra9gE1uiU24lsK1Cwp6rzS1A7cnzUN+OA4RcgYhUZr5LebpM1pU/o2SPP1A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 30 Mar 2023 05:21:09 GMT

GET
H2 200 gZafJ_MF82q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 0AF6 49 KB
15 KB 199ms
124ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/gZafJ_MF82q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5869f8b7a0c1419b0f8793234ae47779f4e1d46bc1aaf914bd037fe55d84ae6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jmPv8gy3vfAa+iebuZyWGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15488
x-fb-rlafr: 0
x-fb-debug: NGzF6Cqz4obxbHdS+68BPMvthF4MfMzZcx1oeDAYesnLb9hj4eRr4bltDZKsNO6mVwh0kzqMTZA1wEUePoRMMg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 31 Mar 2023 06:23:32 GMT

GET
H2 200 F8LQ5-eKZbo.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 0AF6 4 KB
1 KB 199ms
124ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/F8LQ5-eKZbo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e970758e57ddf48726b2e8a9680be23ae650acbaac94d68935c36a781fab52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EmBvPivseOlEhX4pDcPOLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1113
x-fb-rlafr: 0
x-fb-debug: tdJVpZfESv5pdO+YyToQnxNxxoWR2Lbd0xvprvZQxOHhxgIt1ZRQIK/hG4N+sacSmerb480ffisiGOlfDh7ZRw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 31 Mar 2023 04:04:05 GMT

GET
H2 200 201217635_5654539184618609_2513873357703081699_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/ Frame 0AF6 8 KB
8 KB 160ms
42ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/201217635_5654539184618609_2513873357703081699_n.jpg?stp=dst-jpg_p130x130&_nc_cat=107&ccb=1-5&_nc_sid=ac9ee4&_nc_ohc=P-TqJuvuq78AX9o72zV&_nc_ht=scontent-lhr8-1.xx&edm=AJ9j6YYEAAAA&oh=00_AT8tvvnrHQPB6S1bMQKgV1BWat_0K98o3ERvzaUgz1XmBg&oe=626A29FF
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df204d62dad21f34%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff1734d062b8e14c%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3724070233
date: Fri, 01 Apr 2022 03:04:29 GMT
x-fb-trip-id: 1679558926
last-modified: Wed, 16 Jun 2021 06:42:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2148807180
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1476050430
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7797

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:04:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9087 13 KB
5 KB 117ms
53ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 15266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 22:50:02 GMT
expires: Fri, 31 Mar 2023 22:50:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 143D 783 B
534 B 65ms
64ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2bb534da7b37d06e90464d7710ea8e7f4b42d32fe3d04d0ee4dc9bc105778b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1pp4uhjVwp3ZSotN2en/hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-1pp4uhjVwp3ZSotN2en/hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
expires: Fri, 01 Apr 2022 03:04:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 yZaM3V4JGqp.png
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 0AF6 434 B
486 B 54ms
54ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/yZaM3V4JGqp.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/_mow9f44iuT.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b003d9352600682b23649cd757ca88a601667ccee1cd9e78da932862912ec0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/_mow9f44iuT.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
x-content-type-options: nosniff
content-md5: +8BW+7oFwjlER48ze9yVlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 434
x-fb-rlafr: 0
x-fb-debug: 8JHXorO6vF4kY84YsMSWyZoIyJWjbXmWjYWHuXdomRZ4OKiWgmbedsqAI9wGyyob559pjMmU5ui56VCSVKQZ0A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 05:28:16 GMT

GET
H3 200 SQdp1QIZvnh.js Show response
static.xx.fbcdn.net/rsrc.php/v3il1s4/yH/l/uk_UA/ Frame 0AF6 83 KB
23 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3il1s4/yH/l/uk_UA/SQdp1QIZvnh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/Tq_N4uAMCbj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c79b7769d37ba6aa2b8c0f48052c75287819ef2343659ec85122e9247819b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: i7dqAGdtCg6CfAgajIu49w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23080
x-fb-rlafr: 0
x-fb-debug: nE460ymr+7bk2hU+PFCk325ZgHANkRhMfAQhYrqF6M5xth8ezDfEh/t/k2xgwDGFPskETaityBDCTj6KPLC2hw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 03:32:27 GMT

GET
H3 200 HUpsRw4A4la.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 0AF6 21 KB
7 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/HUpsRw4A4la.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/Tq_N4uAMCbj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

662dae67065bef1763ed6d671404e7e86e7488a05c82147f7e2df1ef1809b1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MiMMzhtCdKcDEaRbkM9vBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7041
x-fb-rlafr: 0
x-fb-debug: /2Q4V9L1gaqcqqhuAopUAdczZnrWHHDDKnXjw39b+eRzU1Xis1ut/56wfGwlunqXZ/xwp9YsUzMexfez2T/L3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 31 Mar 2023 05:53:57 GMT

GET
H3 200 CWJINsGKrOS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 0AF6 18 KB
6 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/Tq_N4uAMCbj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0dd739c0e029cf3ccc53afcfaeac9d062ffe27325823314d830689726c8a034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 13jUvIkjL6/WDwDC8XNWKw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: 5XWjXWuJe1LSQ8Otl3bWTZZ/vw1zin0vGeEH2aAdHYEH0TrjQ0SKaadoMroOOKAZ+1w9eHVqm2APLgurRbZB1g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 30 Mar 2023 01:26:44 GMT

GET
H3 200 KWY7Edb5_DT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 0AF6 7 KB
2 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/KWY7Edb5_DT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/Tq_N4uAMCbj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a724ff2a95b5a54c343317baf6090f082980a1989788544c59c24c70f0e125d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Eoz73gpLVGWHqQXnDz/66Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2272
x-fb-rlafr: 0
x-fb-debug: thcnhzYHxFZGPlEIw9rGyG0wZwRFc1WboWMmwl7I0lozEKPUCk03AvFnL0bwMQpojT7Nb/j/VI3BLa+2mDQswQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 31 Mar 2023 06:48:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 143D 0
0 144ms
78ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032908&jk=3408811296539694&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9087 35 KB
13 KB 105ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
204 B 84ms
83ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:29 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 128ms
65ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 129ms
64ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
23 KB 482ms
481ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3408811296539694&correlator=1406750073277654&eid=31063378%2C31065714%2C31066037&output=ldjh&gdfp_req=1&vrg=2022032908&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&sfv=1-0-38&ecs=20220401&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D09f83b899e50814e%3AT%3D1648782268%3AS%3DALNI_MZyUiQYptI09DuTqPX0l2ATTLOEkA&abxe=1&dt=1648782269138&lmt=1590667965&dlt=1648782266773&idt=1214&biw=1600&bih=1200&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2897%2C889%2C1293%2C1200&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=912416073.1648782267&ga_sid=1648782268&ga_hid=641238539&ga_fc=true&btvi=0%7C2%7C0%7C3%7C4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28dd2440e87c316c22aa97988f21bfbdd899d2278dd7cd428857345586971911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23492
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-2,5924045903
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-2,138381187050
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9087 0
9 B 56ms
55ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FSLfjQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69B2 6 KB
3 KB 116ms
54ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
expires: Sat, 01 Apr 2023 03:04:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E737 6 KB
3 KB 107ms
58ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:28 GMT
expires: Sat, 01 Apr 2023 03:04:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA71 0
0 75ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4BD39HVzc_KwCOsV9xfpe07JRdaIy6SapWLk5G3dcWdh3L14zvlrk-6y8-JNynIy1y7etwUc_K6LMRXEjW8e95dOwechAdNHO_m3mkLoS1_gnWODMCqdA0WQJRt8DsTbXtnRMQ79GpS_pCBcLmS34KOYERBWqQv2vzZLpvWSalfUWl7iOH-NR7OdBFvMw6e-sA6ifI1G05o5l2ErnSVgYoT0PM-DDiL0BVjub1oBoP0hIBgJ9ePxsyHCwxCtNpHADXTEdf-gLDmwStc2y1vS375KkgS1i3r34miSCMm4mk3wzru4EqbqIsODTaYSgZDklrtjgjpQ&sig=Cg0ArKJSzJ3SB8oABhY2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET invocation.min.js
ad.invamia.com/invamia/ Frame FA71 0
0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA71 119 KB
36 KB 129ms
69ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032908.js?cb=31066037

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:04:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 93ms
92ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032908&jk=3408811296539694&bg=!hIelh8PNAAZku-1yRLs7ACkAdvg8WrwjoHYG-tWmHlHohzYEAPKYvl9zcGG9n6xgMQBuqb0hTnODOwIAAABkUgAAAAFoAQcKAAHJmQLFysNmIW8FyMstP5xXqA3wDYeAlKw3BBnjfbKhNEbQk_WpeFQrM4NKjXx3TPgWDHsoSBiRS1ps-WUDxVE-hIjz-d5JzhoVsAf10inZDWx4qC0mC2aGquHHCaAZ1knbuT-rIlAMFhtp7q21i-PJqLcvcm9Oo3ApRK_233WBGsvG2yHatER9N-HrptDZ2J48r0LufvovVG4rhBE2wG1k_UiNIiYEUHxhT9ekdRD2hSVsdZCZHguGezwh-8MR7ooF5QDslWcOhzjoxrDwlxkDy5nqVZzpAapn4WEjvKF2lbUpUqYQ7mUtzdgRBzGtqG8gRuPFD6LrS8-0ENbiIJmItvTnxbVN_5S4axSw1d9hTDdJP6JteF5irhqBZ1ZR-AnMKP_7NHA5UJ5_pyuqGZG3y7OB8ymfJl5IkBhxxozV6Hsa6UmeUM5F-L4C-8x-DKuzEXyUYqZwXyMhjuihINce2IuH6uGvsIPBy4nzAEht6XFYi9FHMIJEt_TnpRt6Qv46rpKxVirPgI266oKdEhWetgH29w100bAq7YRYV4aP3ZNy95QWe1gwDuHUDrGUiD-6JlW8ZIF64swfQvBpRw2_0t4EDJfFY0auuacYOTRDgfmiIe2a3FkD4VrbkHlvjHSbR36utM_PbbxGL3HriGiIYSLaYuPSZlN3GEBeocdpVVl-_B4NrFWfH1hkNZ3Dj5aKq18IU_KZELxZXHTQagKptAWYISiORPSKgPPtUSS2yGJBYpoBBScGjHvJPWsu8hm3WCWnaATw8RoktneVWjFiu-Gt72x-0O48Z6A-R0CN-CWAYyNbO-L0Eb-7onOf8MSuEyYkki4s2n4BM_x1G8HCmMVgCbpjqDQRJ5yuGCvZf5BbRZyMO7XzjzYb6BNsO-yCbY37F7st1x7U-Xzi0ORbFiRibLCdkwECXjoRILcva2sxJeRMbHXEjw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8076 624 B
297 B 126ms
65ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYoOTswQEwAQ&v=APEucNVZqT3IY4VqhWxqFVd4DSHjLaXsLR049_GOxAfuVsKIktpN2Yl_GgX531HLfzADRmLwznjMTouUuXyOT3D-Z_9l2PtP-7hkEd4gm4q8px0PsgrWWyw31y_VllAUO5iBUAB6vQBm4BMW-8s4SZLCcyXyHjQhWyYmVJfKaRCBQhgTq97ZTqg

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 69B2 78 KB
33 KB 155ms
96ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQY44XEp174e2ws2uaOZGzBE3iXN-mj8-K3tIT9KmPqVW5sDKdoOd7Wzw1e19LzL7ooIa2qFyULp8JSB6kG78dK4MXlq1E2ZepAbIFmIQ0uMrJoeVq8RCuSYiv0cbBnviW9PKDph1QSazpJJIBmy8eiKDUOQ&dbm_d=AKAmf-D9bzvrttzS5fc2CSdR42sR5DOrv8AFIJhMFNaDYl7B8Krzxb7Q3FjLx8xx59MJcRD3DpWmMYje_WF5jDGRNSz8KtosZ-opKQTL831ozgT9mCwVmcAYCpJNVPeuZbwEnhPsq8HkOCDVuW1dKiVh6-2HGXfcEjbZdP28LHSEi-7GlVTtm_joKgJmkt_TMroEQ4CV3RPgbf6Q0n3ZSMr5H-SJq2YtOPS3Wpqs2xWFAXHq3RNPT0TqM2FjJ4Yp1B7lr3wegbsi5TV5mNZ4w4y_so_tmKULMqmVyePeYxjTnX2AmLMvWmxlFILrwxQNxFSA1A4yMHg2lhm8k-cY6MGKVRJZIe8ZcVMXBqLJVoMiv8OvLDVE4Mk4SDA89MHM_wx58gPvkyCBNgU5rJbucFV1wGh9iguEHL4E_ic64EYrIF4T_fpcPKBG6dkoZIGveX7f2akcP9AOf4960SHr2GSChtrWIQ11_Tilpl9qgahLPiwml83ronoWiTbgGLVFJvpVVA4sgCD56Y0B7FlyAm_Mj29eJI2CXOIs0VeYbYfXKAzspmsMzaA-XB93dm9slXeECNIlfyev1QuRT8cN6RC9UlyuewwgA8up7pOypLZ-WrlAIidc0RiPkjT-0xDuWSOc6P3gzpIsN17w58UCfncFMBdQvnbtkwz3sK8LmINoDlK8OUPYGS6hKjqy_w1PEt0ECVFgeIWp0ZpO5tVRAxg1_GT7T8bMw5PtyHkIV-SkVknJHTcDyYdqRG6SMqdibjnvNb-rBrBK6jhZzEs3Ns2DD8As-08IsXEsV9T0zsEjHhFJ20yfvOy8ZnZl47pA4Fay2IsPkDdsfc_H9w4WbsfQqi2_t-HekzGxV9eQpsZ4HhtfTN-1lr3MvX6QD_oZVGGYPhf4Erbzymc2qFF4k7IGiMr77ux5ql6nifkJjkZ1iQrQ6LaR9jLHAmfg0UcvKH-duA0v9ISkASS9q2q0RgOEPhTcg5AiyxXaKbA-EFf-poXHMF1tibxHLVKgDGWQOcK3zJ2ujNZsCgSfF7vthA9boFx8QIs-8cqBnE6PUd_5flx5jrM5IQPy3ORMgE88lVN8itgIpzKU_IczO9uAdS3CtSH823PHr03zuX5sBoaEJWpUxmC-bKmXUrzOuitENPfvqMUgr_O3yWVhdaobpDUNt-0kFBqKVB9nyoKWGqF8H_0bMhOt12SWzkMWn-rsl6CJjZWUm7kiXmKC06aIvLbaQPln6BacTDIpTEuwDmgdzJYudF1nY9-FTgbqzLA5IItm54h5JlfkcwK4dPFoslRovxaNTELOqTimFrn9xb47GGJNGHeGcxS9EXOZV_naW8DDVE-4NWY_G0ozbjH57aIPvl1mFayYgOlHLKQ7ALtg57RXjdJDZXPyJcrGRAwXNvqq4S3q5-Wh_EOKC9bSJ8iLyKQhdI3GmA6PKtLqjk90j7_tAV99Nl3AgzizyuUSeg3V1HvPhJ693fnjv663eq-ejPuBDKIzEGo8ZB-pbV6hvBZOVaNllI-BlciSRGPnTDrQ-X6wwE38XhvMwTl53vYg07DK9t4sAyTMaSL_XntRkGVGU6-hDCoU4bw4w6HS1miYIEdj14t54H9jWIIgXwGDQYKAe0aY-llJhITh1EqUE4JCAQhCagYCZtb8moN8l5foBtXTGS2JAyOVI-6Qnep1dkPKCT1RSowFiFohMIJJgKHI8Et46f5IUSnFe8R9ircoYMFzyEzQpLukAUfa-mebDJMCIH8OByumcNHycZYYJA9HtnsPUkNGmBVeBDMtsDE7fHokn9hoo7GRa5hCssya4e8ptdqVmbj26GX7sEUNFwK4Yd6ujlYwFPNbkZR3-r6vq6HrYbnlDJYmeQDtG4frPYtx8MZ4N07Cj7bVWmGT8td-v2Y-33cx4j5Md17nBf70MRuwCkKfhCN5Tk9ikyM_T1XG3Cxx5IcVA5MkxIx1FQF6zY602qA79nkI7lAiGHBRGRwNuL7E__5tp4jrOKmkhhqY_MCSOd8v06xUu3Z_TtOSnRVWp8goMRsnOCN_VXrp5d9TRnJGb-oBVZmcF_JHyVQ0thYbMZQbqkn7Bs4rvR4B58ASgQc0W7pGoA2QNmd6iR7-M1Q7TE_RjzziTHIzyhEhU16yfKH1BDwyU9xi7bDXfcU2iYn8Ak2n9mTbfdNb5pif2UOdsB8JHV28PF65-3eQYWWnAbIK0UNcoY0rt11uAxkWo2H5eNQfy48cfIaZNy4HrHU7NXj15xlwOpVqdPLug_fVgifYELAolOuFI79KNVd_BBWKhnS3Bene8LxznMbaMIxraLgyLKNZK4zGXhalo9HsTOaDZZp99WG6dpZiu4SncGaxJoxIhNUvHqpWj1ZpkugkaD-85-A3mb4L6G2D1mS05M5-HQ1ErXCTsl9o8l7-_exWvPpdnw1HtTzzcVAgxLctKPLf5ePiDBMzX5XmbLdwxZd6rO-leRH7_DJAbDQEYOXizjPh5tabgrVQEH4OwYNbe6iplV106lD_8hTpyYT1tXPoLXHYJwwd-IXsJocjLN-dgMAL09Y-eWSW36BsfcaYDdtUhrJIVwjsFLQb6vgXAyuzVIgA304H2BgnOsuU0wclQR0S5OgelJgguLfb8XGuP-hnO4D51aa_PxmnvaAtU1IDvZI16PFcL7Pr5EFrAw4B6BrMnkC4MRjVMxhkIFo0hYPgtgaJC1QVbgG2ZBFAjnqsS1Yty5X9Kem_i1LzdvKkqiwn6P3XtsSRFeslwWxe4Bg8EcY5WeXZfZPttTVPuerAf4tzFo0cjoH9guWUATsmPqm2qjx-OPckRkpXLDsIY1zKJJmnwK8P7gZqJfK9bGsyG7DCHjgSmLPbLqwgaHs9-qCHbsz9-kmh3c6ZqNTSwRIZwJ9Oe7F7iZYo0yj0W4V53Z6xZz3msKT5e4Qdt7vrHmxQJ8TWtbbnp63nrTCLTvXbghCuLOep2emjaNMlhhLsld9T5Z9HZlIeVeqQ6bpefZcEWRY20-OpTblfQr0Me2fe2HvXnJKTEDP1a6FhmP7u_j2pKjTK5q-jMQFFu5t0fgmpy8iPKLbgXQqgLpWP9XWmbiZ_Md_d7fQ5hpqsJFPU1wZjNCB3bJSv2lRk9utssZWFWUfOJptMdyMNb6W8XkQikg7kkoo18MnLIFfj7sL55sQ8wxTIo5gPAGmpxerTcgxvmZru4pBs76DWkEJUBiqZzHD7ml9ItCfUXllfYYjxInzm--Dwe9WG0rlYGazitzuqBH968zJ8zV0A8O_7S8nL8zvqzFukU2kndU5nVLdOGwSQc1whNt8Zz9DhsZ-G2OvEdez2oMR5WZ5r-yHV&cid=CAASJORo8rjzb5d8B4dRzz55Wy41Hc6jDAJp9H8Fm49uhfFNtvWyzw&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac0bfdfd9117cea6f4aae76353d0aeed281d4d63242d067ce2a972dac5707435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33407
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69B2 42 B
63 B 83ms
83ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ai3UgJj19t6S3AI8GTnSKeZuMNqRFEnI0miPenjzWh2EB1O4Nll2FG3BzQdvnCf-BM8LC4M7BsM0Z0zFye217s4kS3DiG5h34KYQKDb1V9bQJpSrU

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 69B2 2 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:51:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69B2 119 KB
36 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:04:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 69B2 15 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:36:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 69B2 0
0 61ms
60ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpCxrjECjW2_yEx1PP24THIpEZdqAkDQ7qgyPgF47gvUX-JUZOzrXzD_1TN1h1AJz5G6Cvak56Ns4H0EcsgTrgxTB9NQ
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CB27 640 B
316 B 188ms
132ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E737 27 KB
16 KB 162ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBaL1KKvPbhkmqnyeQOEcT_shk2ncwcvZhKRardMQ9-AmjzwEciCSFu6T5Ghy9makE6dv_2TjCJJTMJ_h4wDbTPWwipPon0HBffwsWO3sRAtXgMi2aBVXD20Yzs0zULXsrcVKNIw6hawi4SyLsvZWC9dMtBA&cry=1&dbm_d=AKAmf-C1Ir-JrkRww4cK8xh9bomAchnCEaH5_xq6WrktwJ0yrPL22BH_nZpJ_9our0SjEBn5U2aXPyVe3GuVIEE_tLQLM9D-gyqjxj-Bb2qUh-JR53oe9MnD_paGpPvy2fkPxlVYMV2b38aKdsJAzJlexdJMv7yoxfuEmq-QqzRiXd2ISziKkjtmhVLTIVIFmMjKdGrS6bmJLJkMTFDiphKZ_7OcyakY5D4ENI9yRz7F0PLphZIWyM_1Ei5lRQ15-kq0b9lLcNab6nozaInDvK09T9WxsOWGBEh_RcyMzPGj_2Yd8FOazQ42R3oEBmyoKU7Ex-1WM0oydZh47zL_9qUP1UI_6vns7i_jDoQDtzTsoMAkl08tM3KuXHFwgzP3qD8Ol_I9EzFtWDcTX5ekdmCoDwetwsn0emueYlt_rcGAVAOxA2asaRK2V_drnR9qDP_t0YYZ8mMa_vSweIY2XZsL8OtHlRfERv8LzYPHr1p_Sw_EScNJRH6rWjEu_ZWKjm6P-H5KiDdtp3DZBwSOf_e4wONKnm5o3xXJ78fmaiqAzh3eaUlzApQ3VBMDiXrkZngwR-D_sIBCqsuUAJaq19srzBFcPPhPdCjjlmzQJuf4mAgRgdjx8hveKhiCNdaEQAi4d70hNSzZhWfs0cffuiPBKg9kjaH5Gqq2GFbHi472no71hbwEWnuvVoeUMNeE8VS0q0MfIRUrVANui3yVvDvkQ7Q3Hyn9uW70XLgpAVMtBrK4yw4ljKJDe0Yf20aIcnPom7h7qRFZV02p5C3tcjhPw13RpcL-XBmzVhOKHMAxKh3V1V1R8wMxZgiKIVXj1W21E-6nR7nqywDniKKJk9hAVUPbOHqjpgma3GUJpjXBGocnDc4xG8gVauQAEONd3VPGc4opjI4-eYO4pPBp_HZbjqhXHBimm-n6qgg_s4-RBgauWj3c5zGbIxooy6F1E2BDBhoKm2XtrFotBwioVb0PSnVbGWBcQfbbmSrYGGDP991J4O4gSGx1OiiPu0VRWWWUpWiT-yuFmNACK4edZwU_2TRMULKgQtrCcZ9WOxqloiNN-cSga9emGXDFfqHpDKO1anySWr0U-9UlJZQPzT67UC1DxKhuOGetR6iUg92jzMoYm0jpCe22mvFqH8_p27lXI17XdvLQCHDFFrPJC5B9D_Gx77hLjHCqPth08u385hmnMqRqg9k1LPglaWApjXgva3Iuc3gUpIepLuIT-0YsQndUUSc--SLeiYW4zCXkhp2Up4OGxFsaiaUzW7gSkTojmxr5EvepvfMso-3Q9ftdcif6euCBvUTsvEYe4IYAVsvXBro8rOQfGZOPZ4SnwCyfUk_iL-pws6uEW7oQ459Zs-mjPBzhtJd4m1KXhBctzNcEfk71PSj1AuYHc3tzor2D7G6nSATRpS6d4xKfnPejEWMAkmbt9ASQbnxXreiGx03rUv3dm0F7LcEuOt1miSdT_hVRDmYv_FrD6dvjS58eM2ugtFS4A7rvXM45hNVrCqfWMl5EFf__q2j_HjKqvHQgaJBuOv_il2S5oqndmT5Bt3j93FAi7d47V8UGOnp-rs-7D08an-olk4clXlxWHCDOBu55djMGb6ODsg6W7_ldSqDpJB5tF2db-qsuZngl7NAx8rHWK_7sc8uSm1dKKKvmgjfWfm54zdBQV0xAUQRBeBaIXqIc6eQn51d1uE8_85snWiKWKlo0onmrhlMBojiuOF91s7zxKUQyP0R7yIGNk9hWDGf19rCoMMN3aFV6AaIE9XsmkkCqQ33M9rtFlmltOVNrrRb8CW791rOrBhbg8XWNaeH8sr1T4NKPoTBGCUn-rdo0P_WTF_9y28wbq_gM6f3bazYjoqftSWSFe7b9t2Tlo4SfA7ymGHdvMeh35e7obIREu331QTKRMi_3qSGqWkUMk8faLalcbKIHCydJTGzzu24oVeeG24eXQ9pfOK3PuIgkbDldqmuUjyUF3aH5PS9fmLClHRl9GGgOik5FlK0Zq38vnGhzNaslMq_gChXteVSEJTjh28XXxWvKtHaHPt4QuILyyjWbOAGB3IIir9WgSALZPA0RBRP4Ou11coBsTXTKV12MpxTARXxRrASepfSMLA3SobrvpsPkptGeULwgGqqQE5nup7z1RwcwFotTwGTMm_1g8EBMzIljm4ihzZz_CA4rBvi9_xwPbphzfV6nzGzVfWZKE4nbv-jzlawzSpqTX3_V2C32NNepRN7MF5Fsxy9pZcndzmJYdUaj-bYnCKV8biyerUOdxc0pcAvxWs63tsbnWnjX4-dtiH6AAtTg9hGIsPsQfWOx2SYV5O2PpFr2rR2sPchJSNOaMOwBbevN9Ma0eHg01VxhJRc0fpIWTBV3l0x5p6mMD_v2ROjDYboHwGxNWbXBaFFnU_4GM32ioNokjdElr2ufqDXbiGIV-YTE7XvRGmT_Fv8_ibwdgwsZpSONVxWfk2RrexJJixvg7rdcNlBR_m-FCKgB6G3c8k-BywP2gVCZQq0VhnzSM0VkXnABPPsvoBrSAHl9W5dG5PEBIq0ZAAF5I3HsM1enp-AKcl5JsUg4AgMCY3UCSJ_DLGMHwWvoqx8IuxC2xJ4Ds-Z5IvS0jp3HPOsemj8VLNxrGBWFfrEtZiQV7abWiHHzxxLuSy32R1ZoUn6fti3BGlmxVfw8iZY8zGpAS_K2ySZ1YqcIIlLtArSup7lUfQJaKz-zyiGMpKc0Cop28kzAK2EjHE7GKYXhS6KxjYoWwCyuBTctTeQTSQJnCb4etbgZj5VAf4D_XMkizuVoiYZYUc_ueTtOUNEt687nptfaxdUpgem-bolr8jpYPELhW3rAemye-UzpCpGdZ7-OglgzQjVGFMvUrCNej9nv7Jbvy8szR_fd2miRDW9PiVOKMlHlUOXfbXaRg0F1uc9p4mlzTIDDG_90u6nYBSIOwRq7VHq09__S_wyd_H5oCQg6H9jHGiI1FFWAZu_7G7Lck7Me9-4ggwerKKPgGGDZcqBlOgPiklEdivDOv_sjp4FZWi0j0LTp4ZHJ09A-roEFLU2oTzHp8xVh5cPzbJNooIHyXntl7Kzi_ipQj--bRm5YH9ct5xAlLzrKbGkyVHWTa8K_wjYWxR_-tN4nbPuSLIHIGXzz2oHzsRPfHpaZgJEsu7AK_vj3RyG2_lCeePNHIA9s1Le4W1hE8VnoSFJxBPjCc4LNBwpVQQFz-iFRpFf84tK2Gajy2MC0CrA09SqmrPxoE7ySB3L-F_U62o7O6U9qS1NcyeRWcMiQUn8adgfUXY_48HO_BXICNPDJmVSosgt3t-81WU2Qd5Dsa-n99dBxHpZYcdqNGKVTBoDhSuI2F3JIk0cIrezy5ysrfj4cEgF00YnrHv0dJAkRdiOEPbU1KKD5CrzvDBTMU-g6QiImv0DR1A&cid=CAASJORoJZ9fpOKXP4aAPw5JKaUSF6YToTYLh019IxF_0ZgAPEC2Gw&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac6702f48f6f1e8d56c606210d7d02fa5f1083cd8832a5a5cf594e26368955e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16563
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E737 42 B
63 B 83ms
82ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWWCxAQ4_uU8qEUYoig4WFV6xjPpH9p-pHW0K0lTaM0Pe7pe1Ctim02bOujqtJ_WX-S0iPAudtpGagGokTdFbXe1Btr-A0EXv8qJz0wd0cP3bhSTA

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame E737 2 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:51:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E737 119 KB
36 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:04:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame E737 15 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:36:43 GMT

GET
DATA 200
OK truncated
/ Frame FA71 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9180ced898eb829fea14d607d45f69be8ec52828769835b0bc20fab45bff1f5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8076
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1&C=1

43 B
1012 B

68ms
68ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYoOTswQEwAQ&v=APEucNVZqT3IY4VqhWxqFVd4DSHjLaXsLR049_GOxAfuVsKIktpN2Yl_GgX531HLfzADRmLwznjMTouUuXyOT3D-Z_9l2PtP-7hkEd4gm4q8px0PsgrWWyw31y_VllAUO5iBUAB6vQBm4BMW-8s4SZLCcyXyHjQhWyYmVJfKaRCBQhgTq97ZTqg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:04:30 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 01 Apr 2022 03:04:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8076
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZrvuoYWiuewhWnCJ9fNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1

43 B
892 B

71ms
70ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYoOTswQEwAQ&v=APEucNVZqT3IY4VqhWxqFVd4DSHjLaXsLR049_GOxAfuVsKIktpN2Yl_GgX531HLfzADRmLwznjMTouUuXyOT3D-Z_9l2PtP-7hkEd4gm4q8px0PsgrWWyw31y_VllAUO5iBUAB6vQBm4BMW-8s4SZLCcyXyHjQhWyYmVJfKaRCBQhgTq97ZTqg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:04:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAm7xsh7QTqzlpLFqspUgk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8076
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB1_XT7ALvnYtRC6Boj-gAk&google_cver=1

43 B
1014 B

63ms
63ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB1_XT7ALvnYtRC6Boj-gAk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYoOTswQEwAQ&v=APEucNVZqT3IY4VqhWxqFVd4DSHjLaXsLR049_GOxAfuVsKIktpN2Yl_GgX531HLfzADRmLwznjMTouUuXyOT3D-Z_9l2PtP-7hkEd4gm4q8px0PsgrWWyw31y_VllAUO5iBUAB6vQBm4BMW-8s4SZLCcyXyHjQhWyYmVJfKaRCBQhgTq97ZTqg

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:30 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b4a09350-619b-403f-b546-3d4bb382acdc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB1_XT7ALvnYtRC6Boj-gAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8076
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Njk2MzE2MjQ1NTc3OTE4Mw%3D%3D

170 B
243 B

144ms
72ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Njk2MzE2MjQ1NTc3OTE4Mw%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:29 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53f0ff28-5c17-48fe-8693-83afdaa5d7ac
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Njk2MzE2MjQ1NTc3OTE4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CB27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRJ2aTlGcW1U6rHSgVEkRM&google_cver=1

43 B
114 B

61ms
61ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRJ2aTlGcW1U6rHSgVEkRM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRJ2aTlGcW1U6rHSgVEkRM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CB27 43 B
305 B 197ms
59ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CB27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPNUeR9Xdni0NEsGU-7lTGk&google_cver=1

23 B
172 B

367ms
79ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPNUeR9Xdni0NEsGU-7lTGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 01 Apr 2022 03:04:30 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPNUeR9Xdni0NEsGU-7lTGk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CB27 23 B
172 B 514ms
78ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGJuaq8IBMAE&v=APEucNXHGKBFT7O-ag9ZdOY0g-uWfVqKm_GqJ3TvdwpA_vANSsAl7wMd9qYFkAkkLuB1tFM__QZmCFdORWEjyCNbo4qNLyKRbi8LD4tXSn-rSJXjJ57p9uJFbnMkRYhawMpLE-F3-2ZCOHLkGeeeLpH32gMmIGzuZicjH3d-bhxm3duq7IyrJA8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 01 Apr 2022 03:04:30 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame E737 25 KB
9 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBaL1KKvPbhkmqnyeQOEcT_shk2ncwcvZhKRardMQ9-AmjzwEciCSFu6T5Ghy9makE6dv_2TjCJJTMJ_h4wDbTPWwipPon0HBffwsWO3sRAtXgMi2aBVXD20Yzs0zULXsrcVKNIw6hawi4SyLsvZWC9dMtBA&cry=1&dbm_d=AKAmf-C1Ir-JrkRww4cK8xh9bomAchnCEaH5_xq6WrktwJ0yrPL22BH_nZpJ_9our0SjEBn5U2aXPyVe3GuVIEE_tLQLM9D-gyqjxj-Bb2qUh-JR53oe9MnD_paGpPvy2fkPxlVYMV2b38aKdsJAzJlexdJMv7yoxfuEmq-QqzRiXd2ISziKkjtmhVLTIVIFmMjKdGrS6bmJLJkMTFDiphKZ_7OcyakY5D4ENI9yRz7F0PLphZIWyM_1Ei5lRQ15-kq0b9lLcNab6nozaInDvK09T9WxsOWGBEh_RcyMzPGj_2Yd8FOazQ42R3oEBmyoKU7Ex-1WM0oydZh47zL_9qUP1UI_6vns7i_jDoQDtzTsoMAkl08tM3KuXHFwgzP3qD8Ol_I9EzFtWDcTX5ekdmCoDwetwsn0emueYlt_rcGAVAOxA2asaRK2V_drnR9qDP_t0YYZ8mMa_vSweIY2XZsL8OtHlRfERv8LzYPHr1p_Sw_EScNJRH6rWjEu_ZWKjm6P-H5KiDdtp3DZBwSOf_e4wONKnm5o3xXJ78fmaiqAzh3eaUlzApQ3VBMDiXrkZngwR-D_sIBCqsuUAJaq19srzBFcPPhPdCjjlmzQJuf4mAgRgdjx8hveKhiCNdaEQAi4d70hNSzZhWfs0cffuiPBKg9kjaH5Gqq2GFbHi472no71hbwEWnuvVoeUMNeE8VS0q0MfIRUrVANui3yVvDvkQ7Q3Hyn9uW70XLgpAVMtBrK4yw4ljKJDe0Yf20aIcnPom7h7qRFZV02p5C3tcjhPw13RpcL-XBmzVhOKHMAxKh3V1V1R8wMxZgiKIVXj1W21E-6nR7nqywDniKKJk9hAVUPbOHqjpgma3GUJpjXBGocnDc4xG8gVauQAEONd3VPGc4opjI4-eYO4pPBp_HZbjqhXHBimm-n6qgg_s4-RBgauWj3c5zGbIxooy6F1E2BDBhoKm2XtrFotBwioVb0PSnVbGWBcQfbbmSrYGGDP991J4O4gSGx1OiiPu0VRWWWUpWiT-yuFmNACK4edZwU_2TRMULKgQtrCcZ9WOxqloiNN-cSga9emGXDFfqHpDKO1anySWr0U-9UlJZQPzT67UC1DxKhuOGetR6iUg92jzMoYm0jpCe22mvFqH8_p27lXI17XdvLQCHDFFrPJC5B9D_Gx77hLjHCqPth08u385hmnMqRqg9k1LPglaWApjXgva3Iuc3gUpIepLuIT-0YsQndUUSc--SLeiYW4zCXkhp2Up4OGxFsaiaUzW7gSkTojmxr5EvepvfMso-3Q9ftdcif6euCBvUTsvEYe4IYAVsvXBro8rOQfGZOPZ4SnwCyfUk_iL-pws6uEW7oQ459Zs-mjPBzhtJd4m1KXhBctzNcEfk71PSj1AuYHc3tzor2D7G6nSATRpS6d4xKfnPejEWMAkmbt9ASQbnxXreiGx03rUv3dm0F7LcEuOt1miSdT_hVRDmYv_FrD6dvjS58eM2ugtFS4A7rvXM45hNVrCqfWMl5EFf__q2j_HjKqvHQgaJBuOv_il2S5oqndmT5Bt3j93FAi7d47V8UGOnp-rs-7D08an-olk4clXlxWHCDOBu55djMGb6ODsg6W7_ldSqDpJB5tF2db-qsuZngl7NAx8rHWK_7sc8uSm1dKKKvmgjfWfm54zdBQV0xAUQRBeBaIXqIc6eQn51d1uE8_85snWiKWKlo0onmrhlMBojiuOF91s7zxKUQyP0R7yIGNk9hWDGf19rCoMMN3aFV6AaIE9XsmkkCqQ33M9rtFlmltOVNrrRb8CW791rOrBhbg8XWNaeH8sr1T4NKPoTBGCUn-rdo0P_WTF_9y28wbq_gM6f3bazYjoqftSWSFe7b9t2Tlo4SfA7ymGHdvMeh35e7obIREu331QTKRMi_3qSGqWkUMk8faLalcbKIHCydJTGzzu24oVeeG24eXQ9pfOK3PuIgkbDldqmuUjyUF3aH5PS9fmLClHRl9GGgOik5FlK0Zq38vnGhzNaslMq_gChXteVSEJTjh28XXxWvKtHaHPt4QuILyyjWbOAGB3IIir9WgSALZPA0RBRP4Ou11coBsTXTKV12MpxTARXxRrASepfSMLA3SobrvpsPkptGeULwgGqqQE5nup7z1RwcwFotTwGTMm_1g8EBMzIljm4ihzZz_CA4rBvi9_xwPbphzfV6nzGzVfWZKE4nbv-jzlawzSpqTX3_V2C32NNepRN7MF5Fsxy9pZcndzmJYdUaj-bYnCKV8biyerUOdxc0pcAvxWs63tsbnWnjX4-dtiH6AAtTg9hGIsPsQfWOx2SYV5O2PpFr2rR2sPchJSNOaMOwBbevN9Ma0eHg01VxhJRc0fpIWTBV3l0x5p6mMD_v2ROjDYboHwGxNWbXBaFFnU_4GM32ioNokjdElr2ufqDXbiGIV-YTE7XvRGmT_Fv8_ibwdgwsZpSONVxWfk2RrexJJixvg7rdcNlBR_m-FCKgB6G3c8k-BywP2gVCZQq0VhnzSM0VkXnABPPsvoBrSAHl9W5dG5PEBIq0ZAAF5I3HsM1enp-AKcl5JsUg4AgMCY3UCSJ_DLGMHwWvoqx8IuxC2xJ4Ds-Z5IvS0jp3HPOsemj8VLNxrGBWFfrEtZiQV7abWiHHzxxLuSy32R1ZoUn6fti3BGlmxVfw8iZY8zGpAS_K2ySZ1YqcIIlLtArSup7lUfQJaKz-zyiGMpKc0Cop28kzAK2EjHE7GKYXhS6KxjYoWwCyuBTctTeQTSQJnCb4etbgZj5VAf4D_XMkizuVoiYZYUc_ueTtOUNEt687nptfaxdUpgem-bolr8jpYPELhW3rAemye-UzpCpGdZ7-OglgzQjVGFMvUrCNej9nv7Jbvy8szR_fd2miRDW9PiVOKMlHlUOXfbXaRg0F1uc9p4mlzTIDDG_90u6nYBSIOwRq7VHq09__S_wyd_H5oCQg6H9jHGiI1FFWAZu_7G7Lck7Me9-4ggwerKKPgGGDZcqBlOgPiklEdivDOv_sjp4FZWi0j0LTp4ZHJ09A-roEFLU2oTzHp8xVh5cPzbJNooIHyXntl7Kzi_ipQj--bRm5YH9ct5xAlLzrKbGkyVHWTa8K_wjYWxR_-tN4nbPuSLIHIGXzz2oHzsRPfHpaZgJEsu7AK_vj3RyG2_lCeePNHIA9s1Le4W1hE8VnoSFJxBPjCc4LNBwpVQQFz-iFRpFf84tK2Gajy2MC0CrA09SqmrPxoE7ySB3L-F_U62o7O6U9qS1NcyeRWcMiQUn8adgfUXY_48HO_BXICNPDJmVSosgt3t-81WU2Qd5Dsa-n99dBxHpZYcdqNGKVTBoDhSuI2F3JIk0cIrezy5ysrfj4cEgF00YnrHv0dJAkRdiOEPbU1KKD5CrzvDBTMU-g6QiImv0DR1A&cid=CAASJORoJZ9fpOKXP4aAPw5JKaUSF6YToTYLh019IxF_0ZgAPEC2Gw&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:56:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E737 41 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 69B2 106 KB
38 KB 199ms
68ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Origin: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame 69B2 8 KB
3 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQY44XEp174e2ws2uaOZGzBE3iXN-mj8-K3tIT9KmPqVW5sDKdoOd7Wzw1e19LzL7ooIa2qFyULp8JSB6kG78dK4MXlq1E2ZepAbIFmIQ0uMrJoeVq8RCuSYiv0cbBnviW9PKDph1QSazpJJIBmy8eiKDUOQ&dbm_d=AKAmf-D9bzvrttzS5fc2CSdR42sR5DOrv8AFIJhMFNaDYl7B8Krzxb7Q3FjLx8xx59MJcRD3DpWmMYje_WF5jDGRNSz8KtosZ-opKQTL831ozgT9mCwVmcAYCpJNVPeuZbwEnhPsq8HkOCDVuW1dKiVh6-2HGXfcEjbZdP28LHSEi-7GlVTtm_joKgJmkt_TMroEQ4CV3RPgbf6Q0n3ZSMr5H-SJq2YtOPS3Wpqs2xWFAXHq3RNPT0TqM2FjJ4Yp1B7lr3wegbsi5TV5mNZ4w4y_so_tmKULMqmVyePeYxjTnX2AmLMvWmxlFILrwxQNxFSA1A4yMHg2lhm8k-cY6MGKVRJZIe8ZcVMXBqLJVoMiv8OvLDVE4Mk4SDA89MHM_wx58gPvkyCBNgU5rJbucFV1wGh9iguEHL4E_ic64EYrIF4T_fpcPKBG6dkoZIGveX7f2akcP9AOf4960SHr2GSChtrWIQ11_Tilpl9qgahLPiwml83ronoWiTbgGLVFJvpVVA4sgCD56Y0B7FlyAm_Mj29eJI2CXOIs0VeYbYfXKAzspmsMzaA-XB93dm9slXeECNIlfyev1QuRT8cN6RC9UlyuewwgA8up7pOypLZ-WrlAIidc0RiPkjT-0xDuWSOc6P3gzpIsN17w58UCfncFMBdQvnbtkwz3sK8LmINoDlK8OUPYGS6hKjqy_w1PEt0ECVFgeIWp0ZpO5tVRAxg1_GT7T8bMw5PtyHkIV-SkVknJHTcDyYdqRG6SMqdibjnvNb-rBrBK6jhZzEs3Ns2DD8As-08IsXEsV9T0zsEjHhFJ20yfvOy8ZnZl47pA4Fay2IsPkDdsfc_H9w4WbsfQqi2_t-HekzGxV9eQpsZ4HhtfTN-1lr3MvX6QD_oZVGGYPhf4Erbzymc2qFF4k7IGiMr77ux5ql6nifkJjkZ1iQrQ6LaR9jLHAmfg0UcvKH-duA0v9ISkASS9q2q0RgOEPhTcg5AiyxXaKbA-EFf-poXHMF1tibxHLVKgDGWQOcK3zJ2ujNZsCgSfF7vthA9boFx8QIs-8cqBnE6PUd_5flx5jrM5IQPy3ORMgE88lVN8itgIpzKU_IczO9uAdS3CtSH823PHr03zuX5sBoaEJWpUxmC-bKmXUrzOuitENPfvqMUgr_O3yWVhdaobpDUNt-0kFBqKVB9nyoKWGqF8H_0bMhOt12SWzkMWn-rsl6CJjZWUm7kiXmKC06aIvLbaQPln6BacTDIpTEuwDmgdzJYudF1nY9-FTgbqzLA5IItm54h5JlfkcwK4dPFoslRovxaNTELOqTimFrn9xb47GGJNGHeGcxS9EXOZV_naW8DDVE-4NWY_G0ozbjH57aIPvl1mFayYgOlHLKQ7ALtg57RXjdJDZXPyJcrGRAwXNvqq4S3q5-Wh_EOKC9bSJ8iLyKQhdI3GmA6PKtLqjk90j7_tAV99Nl3AgzizyuUSeg3V1HvPhJ693fnjv663eq-ejPuBDKIzEGo8ZB-pbV6hvBZOVaNllI-BlciSRGPnTDrQ-X6wwE38XhvMwTl53vYg07DK9t4sAyTMaSL_XntRkGVGU6-hDCoU4bw4w6HS1miYIEdj14t54H9jWIIgXwGDQYKAe0aY-llJhITh1EqUE4JCAQhCagYCZtb8moN8l5foBtXTGS2JAyOVI-6Qnep1dkPKCT1RSowFiFohMIJJgKHI8Et46f5IUSnFe8R9ircoYMFzyEzQpLukAUfa-mebDJMCIH8OByumcNHycZYYJA9HtnsPUkNGmBVeBDMtsDE7fHokn9hoo7GRa5hCssya4e8ptdqVmbj26GX7sEUNFwK4Yd6ujlYwFPNbkZR3-r6vq6HrYbnlDJYmeQDtG4frPYtx8MZ4N07Cj7bVWmGT8td-v2Y-33cx4j5Md17nBf70MRuwCkKfhCN5Tk9ikyM_T1XG3Cxx5IcVA5MkxIx1FQF6zY602qA79nkI7lAiGHBRGRwNuL7E__5tp4jrOKmkhhqY_MCSOd8v06xUu3Z_TtOSnRVWp8goMRsnOCN_VXrp5d9TRnJGb-oBVZmcF_JHyVQ0thYbMZQbqkn7Bs4rvR4B58ASgQc0W7pGoA2QNmd6iR7-M1Q7TE_RjzziTHIzyhEhU16yfKH1BDwyU9xi7bDXfcU2iYn8Ak2n9mTbfdNb5pif2UOdsB8JHV28PF65-3eQYWWnAbIK0UNcoY0rt11uAxkWo2H5eNQfy48cfIaZNy4HrHU7NXj15xlwOpVqdPLug_fVgifYELAolOuFI79KNVd_BBWKhnS3Bene8LxznMbaMIxraLgyLKNZK4zGXhalo9HsTOaDZZp99WG6dpZiu4SncGaxJoxIhNUvHqpWj1ZpkugkaD-85-A3mb4L6G2D1mS05M5-HQ1ErXCTsl9o8l7-_exWvPpdnw1HtTzzcVAgxLctKPLf5ePiDBMzX5XmbLdwxZd6rO-leRH7_DJAbDQEYOXizjPh5tabgrVQEH4OwYNbe6iplV106lD_8hTpyYT1tXPoLXHYJwwd-IXsJocjLN-dgMAL09Y-eWSW36BsfcaYDdtUhrJIVwjsFLQb6vgXAyuzVIgA304H2BgnOsuU0wclQR0S5OgelJgguLfb8XGuP-hnO4D51aa_PxmnvaAtU1IDvZI16PFcL7Pr5EFrAw4B6BrMnkC4MRjVMxhkIFo0hYPgtgaJC1QVbgG2ZBFAjnqsS1Yty5X9Kem_i1LzdvKkqiwn6P3XtsSRFeslwWxe4Bg8EcY5WeXZfZPttTVPuerAf4tzFo0cjoH9guWUATsmPqm2qjx-OPckRkpXLDsIY1zKJJmnwK8P7gZqJfK9bGsyG7DCHjgSmLPbLqwgaHs9-qCHbsz9-kmh3c6ZqNTSwRIZwJ9Oe7F7iZYo0yj0W4V53Z6xZz3msKT5e4Qdt7vrHmxQJ8TWtbbnp63nrTCLTvXbghCuLOep2emjaNMlhhLsld9T5Z9HZlIeVeqQ6bpefZcEWRY20-OpTblfQr0Me2fe2HvXnJKTEDP1a6FhmP7u_j2pKjTK5q-jMQFFu5t0fgmpy8iPKLbgXQqgLpWP9XWmbiZ_Md_d7fQ5hpqsJFPU1wZjNCB3bJSv2lRk9utssZWFWUfOJptMdyMNb6W8XkQikg7kkoo18MnLIFfj7sL55sQ8wxTIo5gPAGmpxerTcgxvmZru4pBs76DWkEJUBiqZzHD7ml9ItCfUXllfYYjxInzm--Dwe9WG0rlYGazitzuqBH968zJ8zV0A8O_7S8nL8zvqzFukU2kndU5nVLdOGwSQc1whNt8Zz9DhsZ-G2OvEdez2oMR5WZ5r-yHV&cid=CAASJORo8rjzb5d8B4dRzz55Wy41Hc6jDAJp9H8Fm49uhfFNtvWyzw&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:23:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 69B2 25 KB
9 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:56:55 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/170420;6331239;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360160x600Natasha/ Frame E737 1 KB
2 KB 298ms
54ms Script
text/javascript 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/1/170420;6331239;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360160x600Natasha/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=buhgalter.com.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=48877.53297183006
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app29.lhr11 /
Resource Hash: fe23534f40e3eb2e38895107f594b627b5b23a9d98e0cd7fa7351ec6d024242c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:04:30 GMT
Server: prod-xre-app29.lhr11
X-HW: 1648782270.dop227.lo4.t,1648782270.cds277.lo4.shn,1648782270.dop227.lo4.t,1648782270.cds275.lo4.sc,1648782270.cds275.lo4.p
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 1483
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BCDB 22 KB
8 KB 58ms
57ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 72702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:52:48 GMT
expires: Fri, 31 Mar 2023 06:52:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 184ms
62ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 02 Apr 2022 03:04:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 69B2 41 KB
15 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8670 1 KB
749 B 62ms
61ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

age: 49098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 01 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69B2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0adf17596ac91562dbb30238f456eccacdd267e095eef6fded8a6ec9a6f640f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
204 B 56ms
56ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457995/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:30 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BCDB 35 KB
13 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8670 35 B
464 B 233ms
56ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELANwllJQZIk0wA6IXVCDfc&google_cver=1&google_push=AYg5qPLaEDU2ZNfbQp957Sib21_pZKXIPMyiuexD3pu1_x5vBDd94LmO59tDJW_u3qOE4aR4uy2YJNO-Ys45tbfMX1-Jfqyn9hExjA

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8670
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ5xp0LTbY71jKotfoLhNBBFpYYrr-xqcP06BZXukZcYifVfvnsBBieGVDNA1SK83URwxb7_Duxf9MBns_SsO0lOlni_qCW&google_gid=CAESEK2wbfU3q7unEuNsqd7AFEU&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL7XmZIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKNXhwMExUYlk3MWpLb3Rmb0xoTkJCRnBZWXJyLXhxY1AwNkJaWHVrWmNZaWZWZnZuc0JCaWVHVkROQTFTSzgzVVJ3eGI3X0R1eGY5TUJuc1...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdXdISjVZVGtsRTl1OEhaTms3Z3c3alBZbkxiTnRBS0xxMkU5bktUTXRmZw==&google_push

170 B
188 B

64ms
63ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdXdISjVZVGtsRTl1OEhaTms3Z3c3alBZbkxiTnRBS0xxMkU5bktUTXRmZw==&google_push

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Apr 2022 03:04:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdXdISjVZVGtsRTl1OEhaTms3Z3c3alBZbkxiTnRBS0xxMkU5bktUTXRmZw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8670 43 B
351 B 193ms
46ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEONuWIi8Mq9XzOXmP3_JtjI&google_cver=1&google_push=AYg5qPIP-HounGRh8ewQGfFWGpVlO3avumYs4V8CgQrEG-IqwQJRceqa0l1cIDMU_xE-FA0WNco2-9XUyjm18u17AFF5TElHjzIXaA
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2md5h8jn7509oc2tph3c9mgo54vq9j00

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8670
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LYI1LKb2Q2GrTjk7fVpVOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LYI1LKb2Q2GrTjk7fVpVOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJz1mIbVA1lKO9Hw_nPdrxYqxnPU7z2l17_N9IMI1kZNAqH-pJ58vCAFGxCYEmGEoCCefjORw16yr6zGK8mNlnODkCQGBFodw

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LYI1LKb2Q2GrTjk7fVpVOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJz1mIbVA1lKO9Hw_nPdrxYqxnPU7z2l17_N9IMI1kZNAqH-pJ58vCAFGxCYEmGEoCCefjORw16yr6zGK8mNlnODkCQGBFodw
date: Fri, 01 Apr 2022 03:04:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8670
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7eX2GfwpkjPP9bv2t3F9I&google_cver=1&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyyScn8t-eWgKsmrzAuZsvh0LC_w2A

170 B
188 B

63ms
62ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyyScn8t-eWgKsmrzAuZsvh0LC_w2A

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPKjVtG6w8X4KlSQVO8jyYdnVplEOSOWDL59mTPfQOkh76n_OLLw84XBxoBuA24amYHzpyyScn8t-eWgKsmrzAuZsvh0LC_w2A
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8670
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaX...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8670
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMy_ZaAufbMXhKw3kBMC4V8&google_cver=1&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJ...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJCfVnDuVAc6Zj4JlB3Y7_aW7rRhoLOOyP67lAhksR4JF8fQqnemeBt6hs9wrqVggN-ttWL-eRgVSF9w&google_hm=

170 B
188 B

64ms
64ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJCfVnDuVAc6Zj4JlB3Y7_aW7rRhoLOOyP67lAhksR4JF8fQqnemeBt6hs9wrqVggN-ttWL-eRgVSF9w&google_hm=

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLZiy6iFEZ3h0xQTqlJCfVnDuVAc6Zj4JlB3Y7_aW7rRhoLOOyP67lAhksR4JF8fQqnemeBt6hs9wrqVggN-ttWL-eRgVSF9w&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 31 Mar 2022 03:04:30 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8670 0
12 B 143ms
69ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmjbmDZVj0cfsrGamjTwmE3rH0Mz7QsRNNDuoDilstyu79_zYYEZlQ0RXYY_tvqagF73NEHQ

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6AB1 22 KB
8 KB 60ms
59ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 72702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:52:48 GMT
expires: Fri, 31 Mar 2023 06:52:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AB1 35 KB
13 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 16 KB
3 KB 119ms
55ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6526861/1646909013501/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c3c74331e4f9fb71ff4d85d4544db3af7e0ea4c9c7d4e59e4d97ea2213892c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3217
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 15:23:23 GMT
expires: Fri, 01 Apr 2022 15:23:23 GMT
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 69B2 0
622 B 228ms
73ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWZTBYjA8frcJ9CSAkaU_7jNzV5JCVoi8g_VnW0GrdmnY7Yyj4jIvPdUlg3FEvIAhX1CTDV3EL3F0V99ayAHJZ4DqXQ_YrypPo4Scx9_-jB9JlX6eC_Lif4LpX8nRofwqXGk9I0xpFGXWXWseL4R_DjWa5acSdfK_hacKKV7vpP2pndaZUN4TwUMuCMJYz7YOiyh1dhYmpmAxR43pHnEM-uManklUfwtmdUhzk6vBF8-mSa-8N3obqFBwRvUfWJL7rFTkHMl8k64F9QEzIl6hMVHt3mqnssnISoo5UwvVDQ4lmCqih2ddlBk_u3p9m_B5Z5Km9EHGbQ4BXW7wKSqECggaciU9TrzBTDKtrB4HOPOQ6FuO_scvM832IVM1jkzBihXxw4mK2i5bj7YBmdfrFQGZNGk1PzabEERT5RVC0zBuXF8Qor16zWS9cUZk0JQtLHOmfxG6EEBKCAUIF39eAfb5uj_p0OgNWwHNKForePxq0lTaB3LQeS_Qb2aA8-DgiemM7-OZ1ygEhuDlVTTdKktPkNYS0KzuYo2VdqmQdyD1cCtqEzwBsre-RC5W-gKLwMmvWLJy-10SbHbmnJSHkGXty9y4-Y-HOKwnhGcBLJHyji8SOwHzpCeMcFZzNUVuTgAPPMVjtwFCinhV2y9Qw0OTYvK12-J-kRkoWmMvrQPjhRhGnvoVnF1OPDZDexNVlBCRuMcmy67nFI_Bi5ZuMOeFrSGfmZQkNyHv6b8KfrKx08azhDVZ6sFkHmeNmsNeSFSNvkseK68lPw0b-d0c6Kgqm3YP4LfOgIXvjkPunKpkH8bSn0O1ynebc8WjV-o7Pzvq882eQVL5kUqVHHJXzB6oMLnxYoHbVEMpKey6i3SIpsrm5OVS1jvdk-QtCg5Y4Z8Bjof_ON1Ec3bFPZEbVOefy1cuU9NDods9WSVW0ZFw3mnAm_verkVn9jgwrWiixrlrxe2fxp7xJoi4guGXwjekAttiWyDoEgV1D9wfa1898OSaRak5Eq1y0lqT7iFgy-Gq9VG0nrBV1WrTjNMyurCE4fVRTVIUQ3Zc3zRBzMoWNAAeSqvu2A6uPkUmPO18JACEcVzV8qA_I1K_v_WL65JnIgqCA-Vzlc-JLiSXXYaKBUrQ_RfjTWdPKp7T6D3vwfCj6NlOJUkE7GrIQXhpVzgdQrwZ97CsOoIbkehY_iH2JxKcTZZIdD0irvw6ttvlvvyG8FytClSrUCnXs5EpUCqfikWocoYdRUalYwqoEK30-hmD52zsLlhkXjfIOuMW1YtFlTTznTAl-0JqqEbYWm2ZqXts6wlFeIuo&sai=AMfl-YQPpDrmKWbrM9RjOPiSnPiVFViTJhXb7cuu5w8bdbwZd2d660Y6z8XMyVg9yrOF0ZHNi5SDOFV8Lmdkfsd1SZFvie_a40Rnj0mvC-Bq_HYD8gMcOmFTA14JbFQr6KWutyqSAaAdVHTb81xaQ982_VP8HfeKT2MzvWEiBHVP-pUgiYw02fHY5iroEedZddNOv_1lHIWeKqhCmmIoSCfxqBpV0CgB3kmQZ5V7Oc6qKkVw&sig=Cg0ArKJSzHE579hRDy6REAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=294&cbvp=1&cstd=291&cisv=r20220330.92375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 01 Apr 2022 03:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 69B2 35 B
2 KB 356ms
67ms Image
image/gif 2a02:26f0:fb:5a4::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=10097792&rnd=1848427267&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a4::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:5b4dbfaf-2d3f-4217-81a4-dbc3623f316f
Pragma: no-cache
Referrer-Policy: unsafe-url
X-Frame-Options: ALLOWALL
Date: Fri, 01 Apr 2022 03:04:30 GMT
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Expose-Headers: Request-Context
Cache-Control: max-age=0, no-cache
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires: Fri, 01 Apr 2022 03:04:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D54 13 KB
5 KB 157ms
53ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5136
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:04:29 GMT
server-processing-duration-in-ticks: 1803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 149ms
52ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 02 Apr 2022 03:04:30 GMT

GET
H/1.1 200
OK j-6331239-3451573.js Show response
cdn.flashtalking.com/xre/633/6331239/3451573/js/ Frame E737 54 KB
15 KB 288ms
65ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/633/6331239/3451573/js/j-6331239-3451573.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/170420;6331239;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360160x600Natasha/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=buhgalter.com.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=48877.53297183006
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7570a584f3553fa0880b829b1ecd928cace3e57f9c64bfe41b01d144824cd2ce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 10:55:01 GMT
Server: Flashtalking (AKA)
ETag: W/"7238ff204218e28064552e0b9618b633"
Vary: Accept-Encoding
X-Varnish: 94200880
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript; charset=utf-8
Content-Length: 14537
Expires: Fri, 01 Apr 2022 03:24:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCDB 0
20 B 93ms
92ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx3yMvWtGYtyeNZGH7gO8vbnIDAAAAAA4AeAEAg&bg=!W1ilWBzNAAZku-1yRLs7ACkAdvg8Wi4ChBnkwFi7mhlG_JgIpx_ktH24UZHXc0DCtR36G3KJjsomyAIAAACtUgAAAANoAQeZAw68hpK7Sr62VRSWxLP6NufD1m4tx95uclZp4qYTXrfNkVWI--ZIIME3j_C8QyGoHWbuZw3ubpcMpDIfIJB7MhtW2uCiu6HHPkY4LmcpbeYDgjfLEYwAjOnPwPu3d5rTBz_uOivfEsfUur9zBzqcxVn4SU1mPjfhmP75EccJM1-Soes_q_VoL-eclEd2SXIsb2x2iM-Q8jWwlwL00iN1YQb9A0BlEvMZUikkffi3PU097xIgFXi7h5sZo6sLg1grzaJAVTgvds3MYWImeZ3zaboE3sYFF1-7W0-mr8EHonXcwUG87vt3wNfcVYlnBXWigdQau0u_c7N9zw_uTiSw2uV1bp8miW_LJEAcC9nAfYO9B8oDITwyTeTzLVFpsAVnPKZL1I1kSaCvoZfhTACtU0J8lUpCDM9njkdDODa70Fag_lK62-5bgbcEdjQxo4a3onD_EYZpKEgNyrk_t2hmgH_mOLSHHpLswYmSkDbpYNxpHpuIV9dZdvPXIjXEPasyYD5nOHyCjQm9DrKwQKlq5Z1if5Bd0S6pKZ6GF5qZuYjyfRUQ69cqztiRH6BTkC53fFo1D-ClWEka0RbnaJ2IpaPObplDkX3E-0as5WyjTsPw1T4aflLDIYhRUguLJI-EYyEVgX9NCE1CHhjX9AXEXvqKqMp2d6ruIn4yZdk5UWvlrnfzQulM75WpkNCqudh2VOWiL8d4_ix31m8eclA-LoMrDYNL0zz01fGn0adR9VpI2v3Ht1Hlz9MCCr_eMczkqu8ykT5Ww20a_QoeudzUeh9NkI0o2k5wWv8t98c4tjhQ3Zy82kGN3xBQ8-MBsDUPi-xzeErt2inUlbG7gg6ve7WDWv02t-yztajPy9fc8DhVrkONSDQR9NG_EWjulPjkmiPQU2Jw5dSGunaj9kgt40PIe5JzUBbLdC0-G8T9fOyX3r502a-EuB4KHKYjZweiuqsetgY3vrR4Yw3HPj59pfh3Y07KaDeaUmC7POFqR8J5tTGhnkYC_qsaLkBIrzdSUJTIva9qC8rI8b7fK0E8pQ

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 1 KB
716 B 53ms
53ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f4d4d78f44d11e4b7547eab67a424465e4f5ef94ac04e5bd5e6b1d81365c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 690
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 text1.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 5 KB
2 KB 52ms
52ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/text1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e59f58e78d2acbb57ba61102b314703e98c05d898d452da6895c3693054da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1981
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 text2.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 5 KB
2 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/text2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3efcfeea9618e7f0b2fd4ba692bc893b7d33d4a54c08885f022770b83f4dc5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1853
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 text3.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 6 KB
2 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/text3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca3144caaa4d11bb957c265e45c11f17339f5c4a7bb3206c825ed10345fb5eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 text4.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 9 KB
3 KB 57ms
56ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/text4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e146a0e178f40cdbe3c7c3da10f63ae100c6e07f11830092f5ee6e4113f86f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2648
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 flaga.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 293 B
233 B 56ms
55ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/flaga.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f780d57d59e3b45ccc4ff262589e1594db999470e6f4c3bfe6d44a71dcc30f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 1020 B
642 B 62ms
62ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19b6ace87358eb0ceedc2712ac67650a839f9045876629ac9b2cd98675d0ce49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 learn.svg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 4 KB
2 KB 61ms
61ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/learn.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23a87173901f02a95fe4861a0056fab6a391563ff11ab5473013edefa70c9bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1599
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 200 anim.jpg
s0.2mdn.net/6526861/1646909013501/ Frame 3F84 42 KB
42 KB 62ms
62ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1646909013501/anim.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1646909013501/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65aaf368eff8bb912508da2339794eac91621bb6b9f912302d2faa2f0eee456c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1646909013501/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:23:34 GMT
x-content-type-options: nosniff
age: 42056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42650
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 10:43:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 15:23:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AB1 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_h8nvWtGYoeNNZaQjuwPivWhwA4AAAAAOAHgBAI&bg=!RkWlRQHNAAZku-1yRLs7ACkAdvg8WpRB-bdZGjGdVJExukFMqYKnbR5MYjZd0eet15UQGx0S6EU6ZAIAAAC4UgAAAANoAQeZAyBCrasMjQKcodNtCenRZhLKFQc6XBe4YAXLWXoiSRZoGcZISrEGVkEYxIJ7PXfdTp1pM0zuSXc8xlRp0iWyEPgbD3LsKGy5AmPG8TsTFLdfs_8epZV2LQIkTdasMSpagGxyUXRDAi8EMVOHVxZfT141cUS_q3MeEzTvLHpXfsbV_lH1-h1NcfNLShgjy9wNN8lH3GNzj6j-qYtJb6R0tzBoELz90BOvwjFd617Ez0JVNvLjR_j3iM7jGULGJZkyPfUf-14tcbzBEs_pAfs540zpKWhd2fFLwv7YbmqONezE8Z5biAvWz377R_Wg_WguZbykb8lGvfiOLXgexHI_ZbUdVxCP5SWEpEuktnc7WdvJzzBTn0AOyGEoS911ug8xB09vASxYrZe3x231UVzlyXXEpcyWtM4PeFZ5Htosnp525Wal05H1s6aaaJ7qdCrsfzw6ggsI28EwVFYLMp9QODfj6l7Pg5TIZDQYdFT_7tHFeGhVU0UR4i5QywnijrruZ5t0PuW7d-uAJm-3M30aTAdK2NpU9Ea23wdYkCG6VOCyWCdXZGwd7KRatYqRCvpQzdudhe3CEeYRjAEsquCu_FRUYyo_UBJvw4vJd9wAL25VPZJ-8DaSic3ue3cOwpTZEE73m2XWc2m94Lpa5pK15FR_maFCE-fOtMMEGRy6yu0SEkotiF2jzbPC4rqYwBZxINn0hPzwzp3e76onHOIzx-ID7DpBNWdSRTqzyBewleQoM4bAna8hA-lq3OoGbVqbDOAbWi6BX10d7nyDKTFwR3aWd6hCDhE-krL5SpummXOr7G0n5OQ9eGw51AUQyJh6ddk-pnWjpuft0J_Zr7HCaPtB5ihTKfe2OcsjK23VtdKBgwnfveaKElnoCru8QT5DCNmmoDIvGt-srMV_WhJVcWld1LSbl2-VZgoBac9je7dEvYAkymNzXHPPtgH1dNnODLWfH8v8JnTwPtMOxjTmJ4hPKMoMDC_g1kWnsLl2ILVhSwRO-CPvC-I3fWg-6ZVayXiJaUJPsy7d2Zn1sCTR_na2hgS8xCmQpO2x2Z21FAnn-Q

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D54
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=cJNH63wrdzFLNjAxL1RjWVU4NnBsOVQ3RzFpUkM2VWNBWjFIVnhsQWVtZnNpaGlyWXJSRUZLVjAvTnBWQjFTVG8zb0tVbmU4ZVRtYmJsamwvOEpkMEFxRW45OTdFYjN5SHdNaW54YUpXSUdOOHJwVnhCUituT2xXYmt6Rn...

446 B
637 B

114ms
32ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cJNH63wrdzFLNjAxL1RjWVU4NnBsOVQ3RzFpUkM2VWNBWjFIVnhsQWVtZnNpaGlyWXJSRUZLVjAvTnBWQjFTVG8zb0tVbmU4ZVRtYmJsamwvOEpkMEFxRW45OTdFYjN5SHdNaW54YUpXSUdOOHJwVnhCUituT2xXYmt6RnBLbU5sT0hzekh0YjdwbXhrbEVJY1Z0eTJhUlFtekd2QlZHN1RZdGwwSzBEK0xUczV3RGdFREZmNVBrVHVUY1ZpOWovZ1BpWWM5aWltSnZ6eThNalFZaHZvNzBZR1lhR3R0d2pzTk1KVktTcFNraUVJeUR3aExUZUc5WUJRdVIzU2loZ1lVTE9nU29ubnVJNmlSek9jNEpaYnFYeHExQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0678f2209fb16c1c4305379918aee1ff4c6b48f4ec824a0be87eb7dc0d37ba93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4206
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=cJNH63wrdzFLNjAxL1RjWVU4NnBsOVQ3RzFpUkM2VWNBWjFIVnhsQWVtZnNpaGlyWXJSRUZLVjAvTnBWQjFTVG8zb0tVbmU4ZVRtYmJsamwvOEpkMEFxRW45OTdFYjN5SHdNaW54YUpXSUdOOHJwVnhCUituT2xXYmt6RnBLbU5sT0hzekh0YjdwbXhrbEVJY1Z0eTJhUlFtekd2QlZHN1RZdGwwSzBEK0xUczV3RGdFREZmNVBrVHVUY1ZpOWovZ1BpWWM5aWltSnZ6eThNalFZaHZvNzBZR1lhR3R0d2pzTk1KVktTcFNraUVJeUR3aExUZUc5WUJRdVIzU2loZ1lVTE9nU29ubnVJNmlSek9jNEpaYnFYeHExQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1688
content-length: 541
expires: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 69B2 0
26 B 93ms
48ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWZTBYjA8frcJ9CSAkaU_7jNzV5JCVoi8g_VnW0GrdmnY7Yyj4jIvPdUlg3FEvIAhX1CTDV3EL3F0V99ayAHJZ4DqXQ_YrypPo4Scx9_-jB9JlX6eC_Lif4LpX8nRofwqXGk9I0xpFGXWXWseL4R_DjWa5acSdfK_hacKKV7vpP2pndaZUN4TwUMuCMJYz7YOiyh1dhYmpmAxR43pHnEM-uManklUfwtmdUhzk6vBF8-mSa-8N3obqFBwRvUfWJL7rFTkHMl8k64F9QEzIl6hMVHt3mqnssnISoo5UwvVDQ4lmCqih2ddlBk_u3p9m_B5Z5Km9EHGbQ4BXW7wKSqECggaciU9TrzBTDKtrB4HOPOQ6FuO_scvM832IVM1jkzBihXxw4mK2i5bj7YBmdfrFQGZNGk1PzabEERT5RVC0zBuXF8Qor16zWS9cUZk0JQtLHOmfxG6EEBKCAUIF39eAfb5uj_p0OgNWwHNKForePxq0lTaB3LQeS_Qb2aA8-DgiemM7-OZ1ygEhuDlVTTdKktPkNYS0KzuYo2VdqmQdyD1cCtqEzwBsre-RC5W-gKLwMmvWLJy-10SbHbmnJSHkGXty9y4-Y-HOKwnhGcBLJHyji8SOwHzpCeMcFZzNUVuTgAPPMVjtwFCinhV2y9Qw0OTYvK12-J-kRkoWmMvrQPjhRhGnvoVnF1OPDZDexNVlBCRuMcmy67nFI_Bi5ZuMOeFrSGfmZQkNyHv6b8KfrKx08azhDVZ6sFkHmeNmsNeSFSNvkseK68lPw0b-d0c6Kgqm3YP4LfOgIXvjkPunKpkH8bSn0O1ynebc8WjV-o7Pzvq882eQVL5kUqVHHJXzB6oMLnxYoHbVEMpKey6i3SIpsrm5OVS1jvdk-QtCg5Y4Z8Bjof_ON1Ec3bFPZEbVOefy1cuU9NDods9WSVW0ZFw3mnAm_verkVn9jgwrWiixrlrxe2fxp7xJoi4guGXwjekAttiWyDoEgV1D9wfa1898OSaRak5Eq1y0lqT7iFgy-Gq9VG0nrBV1WrTjNMyurCE4fVRTVIUQ3Zc3zRBzMoWNAAeSqvu2A6uPkUmPO18JACEcVzV8qA_I1K_v_WL65JnIgqCA-Vzlc-JLiSXXYaKBUrQ_RfjTWdPKp7T6D3vwfCj6NlOJUkE7GrIQXhpVzgdQrwZ97CsOoIbkehY_iH2JxKcTZZIdD0irvw6ttvlvvyG8FytClSrUCnXs5EpUCqfikWocoYdRUalYwqoEK30-hmD52zsLlhkXjfIOuMW1YtFlTTznTAl-0JqqEbYWm2ZqXts6wlFeIuo&sai=AMfl-YQPpDrmKWbrM9RjOPiSnPiVFViTJhXb7cuu5w8bdbwZd2d660Y6z8XMyVg9yrOF0ZHNi5SDOFV8Lmdkfsd1SZFvie_a40Rnj0mvC-Bq_HYD8gMcOmFTA14JbFQr6KWutyqSAaAdVHTb81xaQ982_VP8HfeKT2MzvWEiBHVP-pUgiYw02fHY5iroEedZddNOv_1lHIWeKqhCmmIoSCfxqBpV0CgB3kmQZ5V7Oc6qKkVw&sig=Cg0ArKJSzHE579hRDy6REAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=547&vt=11&dtpt=253&dett=3&cstd=291&cisv=r20220330.92375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/142462/3451573/ Frame AD99 11 KB
4 KB 43ms
42ms Document
text/html 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142462/3451573/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331239/3451573/js/j-6331239-3451573.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b4515688f265837dbab2624f3c517b986be2247ac65e8f1e79066ba37db1c453

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=1200
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3497
Content-Type: text/html
Date: Fri, 01 Apr 2022 03:04:30 GMT
ETag: W/"17e70d57c9f0761dede67ac175fc76e0"
Expires: Fri, 01 Apr 2022 03:24:30 GMT
Last-Modified: Thu, 13 May 2021 15:41:34 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-Varnish: 4387431

GET
H2 200 moatad.js Show response
z.moatads.com/allresponsemediaglobalftdisplay739160694092/ Frame E737 299 KB
102 KB 140ms
42ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/allresponsemediaglobalftdisplay739160694092/moatad.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331239/3451573/js/j-6331239-3451573.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 99469201e9dbf15a407c751143dd1bf1b6fdc491b0dc8539cabb69b0034bd48b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:00:56 GMT
server: AmazonS3
x-amz-request-id: C60CQ43N89TQNGQC
etag: "d5387431e231129a58e6af4cac5b94f9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45774
accept-ranges: bytes
content-length: 103540
x-amz-id-2: P8sPi2XfcWU5iPDa064GhMv5OHBI5BbZgAyF5aqHyF5riTi7QHWa4Hy7X1OIWnIur1uTSJVCN7M=

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3AC2 1 KB
749 B 34ms
33ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

age: 49098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 01 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E737 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame E737 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 878bbd8f1e9dacabae4c83e5afc3fc474a3e0120b731ef3c6482f00dba31335e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK createjs-2015.11.26.min.js Show response
cdn.flashtalking.com/frameworks/js/createjs/ Frame AD99 186 KB
49 KB 61ms
61ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/createjs/createjs-2015.11.26.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451573/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451573/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2016 19:43:04 GMT
Server: Flashtalking (AKA)
ETag: W/"54e1c3722102182bb133912ad4442e19"
Vary: Accept-Encoding
X-Varnish: 399127846 393952857
Cache-Control: max-age=11710
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 01 Apr 2022 06:19:40 GMT

GET
H/1.1 200
OK index.js Show response
cdn.flashtalking.com/142462/3451573/ Frame AD99 50 KB
12 KB 118ms
44ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142462/3451573/index.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451573/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 37768930f1dae851a39c4eca987f48318b06c6da1cbc93b51034f794115161c1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451573/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 11328
Last-Modified: Thu, 13 May 2021 15:41:34 GMT
Server: Flashtalking (AKA)
ETag: W/"65511033cb8f4b0810121a898a1ad0ab"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 12592473
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 01 Apr 2022 03:24:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AC2
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELANwllJQZIk0wA6IXVCDfc&google_cver=1&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2lUL7kt6fOeeK0IiyLPw9aOckondFe8QNAy0pfh1zzL&google_hm=df9DmtaNYd8B...

170 B
188 B

49ms
48ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2lUL7kt6fOeeK0IiyLPw9aOckondFe8QNAy0pfh1zzL&google_hm=df9DmtaNYd8BrKzjQlVmQg

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJz9-_56j3SKTQGIeVvABOylmcKpEqGbeiP8y6PO5hAfdyrWiAAV2lUL7kt6fOeeK0IiyLPw9aOckondFe8QNAy0pfh1zzL&google_hm=df9DmtaNYd8BrKzjQlVmQg
pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AC2
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXygab...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXygab...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDEwMzA0MzEwMDA2ODMzNTM0NjE0MA%3D%3D&google_push=AYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZ...

170 B
188 B

67ms
66ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDEwMzA0MzEwMDA2ODMzNTM0NjE0MA%3D%3D&google_push=AYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZzB7DTKWUjIzstpryYHgt2HKPVrjIcr

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDEwMzA0MzEwMDA2ODMzNTM0NjE0MA%3D%3D&google_push=AYg5qPJXygabmUeAPbM3DsH4sspabCu9f_q8j9WBA9-Nnq1HdcrFdSjOt5tIVGWdBPTZuZzB7DTKWUjIzstpryYHgt2HKPVrjIcr
pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 01 Apr 2022 03:04:31 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3AC2 43 B
64 B 55ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEONuWIi8Mq9XzOXmP3_JtjI&google_cver=1&google_push=AYg5qPJTbCEoiIpkSp8Ft2uwGEeDSDnMit-H4bu9Vc9SRAqLB_ztnHHGHepsMKSPvaHhirqelWlZlrqvQ7ydhzaF9fujaUfE8HI
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fsn6e7drh0jca0k8998iqcibsdfh0huv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AC2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW0Ji2pFSTW_UIhVn8Elmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
46ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW0Ji2pFSTW_UIhVn8Elmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKKyeyeQicJrnA_micJPx-QZpAycg_Rj5jaKwoirwAI96hE6jBkAc_cm0W-VDrOizGdBzu9wQ16h7M3_1jJfEZedc1Cqpid

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW0Ji2pFSTW_UIhVn8Elmw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKKyeyeQicJrnA_micJPx-QZpAycg_Rj5jaKwoirwAI96hE6jBkAc_cm0W-VDrOizGdBzu9wQ16h7M3_1jJfEZedc1Cqpid
date: Fri, 01 Apr 2022 03:04:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AC2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7eX2GfwpkjPP9bv2t3F9I&google_cver=1&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn03DO9SOFtYLjELK3T1eUnlgHr

170 B
188 B

52ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn03DO9SOFtYLjELK3T1eUnlgHr

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFGVUU0R0wtTC02VzA4&google_push=AYg5qPIiAJeNeseUahtmST7XmbER8UwJl7_idZaSWMhdc36-4OEw2ituGjunCa6_1MCBNI_EdHn03DO9SOFtYLjELK3T1eUnlgHr
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3AC2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 3AC2 43 B
297 B 137ms
26ms Image
image/gif 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH663VKQtW83OAIiqHrkN_4&google_cver=1&google_push=AYg5qPLWn3FPjTNU0EErJ_3GLigq6Zik2wbLqkuME8FZFfRM2v06vyXDj7FNjNOwnabDajZL0XiqQ1kN7EZJ9dX07aPRH31gO39E
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:30 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3AC2 0
12 B 45ms
44ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZU1aXtI7NwjUmLfh2jS9pW5JykncBo1pI3NkaFmql7jtamL5UDYAo1Mnj2F58hv8smRpu

Requested by

Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK assets_160x600_1.png
cdn.flashtalking.com/142462/3451573/images/ Frame AD99 124 KB
124 KB 40ms
40ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142462/3451573/images/assets_160x600_1.png?1618613408309
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 80236c95de7bbb46fb49a5644e8309d1800cef27f678525ee7548c5adebf9540

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451573/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:30 GMT
Last-Modified: Thu, 13 May 2021 15:41:34 GMT
Server: Flashtalking (AKA)
ETag: W/"e6aecb38431b2e036316a8b0c8e1c9c0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 94096722
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 126755
Expires: Fri, 01 Apr 2022 03:24:30 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame E737 6 KB
6 KB 201ms
56ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:31 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 124288944
Cache-Control: max-age=672
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5953
Expires: Fri, 01 Apr 2022 03:15:43 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 65ms
65ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:30 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:28 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E737 43 B
260 B 87ms
58ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fbuhgalter.com.ua&lp=https%3A%2F%2Fbuhgalter.com.ua&t=1648782270946&de=371398483697&m=0&ar=9f397fe3151-clean&iw=5b1803a&q=2&cb=0&ym=0&cu=1648782270946&ll=2&lm=1&ln=1&em=0&en=0&d=18966%3A170420%3A6331239%3A3451573&zGSRC=1&gu=https%3A%2F%2Fbuhgalter.com.ua%2F&id=0&ii=3&bo=18330&bd=buhgalter.com.ua&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&gw=allresponsemediaglobalftdisplay739160694092&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A339%3A339%3A0%3A1063&fs=197724&na=1541101929&cs=0
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 01 Apr 2022 03:04:31 GMT

GET
H/1.1 200
OK bg_160x600_1.jpg
cdn.flashtalking.com/142462/3451573/images/ Frame AD99 31 KB
31 KB 61ms
60ms Image
image/jpeg 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142462/3451573/images/bg_160x600_1.jpg?1618613408309
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 18bb6c6ea0530de70e86d32a97a568151c04d6b82e10d0308ebe0141ca4d93c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451573/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:04:31 GMT
Last-Modified: Thu, 13 May 2021 15:41:34 GMT
Server: Flashtalking (AKA)
ETag: W/"273f9791a9c18f7a20986a4f29a55f1e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 12326018 12386872
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 31334
Expires: Fri, 01 Apr 2022 03:24:31 GMT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 50ms
50ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:04:31 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69B2 42 B
64 B 125ms
63ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7BMSJAKBoWbgxL4fplYSemfPme0zRy3STTQz2bKSC-Dhyi3MzuM6s_7w_e9f48EMhemvo6NlpSSOnhmcp2ilbaNCGnDKJfF_uQGPC&sai=AMfl-YT7pxg1_z7tPJ2J2Gww8uRfn_CZvH9W9GfEidnF9JkQYxxH5-DsK3IoJOWZgSiIbZDzoEQQm7SaZpvO6xduMggyzVWLEF_3AmdsEI1Qq-fhSKlfWdIsO8FvNWE&sig=Cg0ArKJSzIJ-xTMlnKrbEAE&cid=CAASJORo8rjzb5d8B4dRzz55Wy41Hc6jDAJp9H8Fm49uhfFNtvWyzw&id=lidar2&mcvt=1003&p=40,436,130,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1472868681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648782269642&rpt=442&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 266733644.jpeg
cdn.gravitec.net/images/users/1641839148018958336/ 9 KB
9 KB 48ms
47ms Image
image/jpeg 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1641839148018958336/266733644.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Fri, 01 Apr 2022 03:04:31 GMT
last-modified: Tue, 15 Jun 2021 13:39:31 GMT
server: nginx
etag: "60c8ad93-2343"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9027
x-proxy-cache: HIT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E737 43 B
260 B 56ms
55ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.flashtalking.com%2F142462%2F3451573%2Findex.html&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=2227843410&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-kex2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-DGgZfkPjUIRx5A%3D%3D&sc=1&os=1-Rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fbuhgalter.com.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fbuhgalter.com.ua&lp=https%3A%2F%2Fbuhgalter.com.ua&t=1648782270946&de=371398483697&cu=1648782270946&m=130&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A339%3A339%3A0%3A1063&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=0&ah=63&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331239%3A3451573&bo=18330&bd=buhgalter.com.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=870776026&cs=0
Requested by: Host: f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
URL: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 01 Apr 2022 03:04:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E737 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBAl_rUOUuPwSSg5XtjU8jnmjbMPFNCSMP4nRS4cd9_KLbF_2-DYDf5w0h_Ly2oSPHSm_MyzcMLjvf4F0TxNEG7maqoqKmomrLJfNY&sai=AMfl-YSkl9n4LfNj7n4CVYEBK910u08lJ69BK6HF3TMklaIO7nA6Yxd3j3y_DHPiRakW5i_bWTNyuBdSj7jEtAoMSgAVE3QNqv3kFKeq4D6vDFkNuOtZarOoLnJQ7eY&sig=Cg0ArKJSzI7fnN6CO9opEAE&cid=CAASJORoJZ9fpOKXP4aAPw5JKaUSF6YToTYLh019IxF_0ZgAPEC2Gw&id=lidar2&mcvt=1000&p=889,1205,1489,1365&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=0.52&if=1&app=0&itpl=20&adk=2541184592&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648782269655&rpt=1053&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 180ms
64ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://buhgalter.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 01 Apr 2022 03:04:31 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1408
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=QEvlhnxENSsrTzZNcFN2TDFDQVY2RWpOYTBoc2ZESkpWSWZqQU8wT1U4dERMdTg5anJPdWVEVVhCakN6OEZFanNtSlQwTlpaemVxUkNqdUhVVVNGL3hXMkNMNTdMRFJ4dVV4MS9HOHRCT0J2SXprSGl6Z3BvMzM5R2dVYW...

433 B
676 B

66ms
66ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QEvlhnxENSsrTzZNcFN2TDFDQVY2RWpOYTBoc2ZESkpWSWZqQU8wT1U4dERMdTg5anJPdWVEVVhCakN6OEZFanNtSlQwTlpaemVxUkNqdUhVVVNGL3hXMkNMNTdMRFJ4dVV4MS9HOHRCT0J2SXprSGl6Z3BvMzM5R2dVYWNmd0JleVZLclJBYS84YlNWbWhlOXBoWmYwczF3dlhIWDQwekt5dnBubFVxKzR2QnY5ZHd4ajV1V2JnTVA3ajNzZWJtVGVpVS9neHdhZnRFWTdNaFMza1ltQytNSUVmUFozSm5vRm5ZYnkvemdSejRTSCtuSE5TTy8zcTdPSUtXN0NHYWhuSUN4R2JZNTFzcFl1NDJmWmNPRzMxYVBOZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

85e0a3183aa2f87b8f05ab34a9c6b33d5acfd13413d0f108ea974496eb4218ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:32 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5685
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:32 GMT
location: https://mug.criteo.com/sid?cpp=QEvlhnxENSsrTzZNcFN2TDFDQVY2RWpOYTBoc2ZESkpWSWZqQU8wT1U4dERMdTg5anJPdWVEVVhCakN6OEZFanNtSlQwTlpaemVxUkNqdUhVVVNGL3hXMkNMNTdMRFJ4dVV4MS9HOHRCT0J2SXprSGl6Z3BvMzM5R2dVYWNmd0JleVZLclJBYS84YlNWbWhlOXBoWmYwczF3dlhIWDQwekt5dnBubFVxKzR2QnY5ZHd4ajV1V2JnTVA3ajNzZWJtVGVpVS9neHdhZnRFWTdNaFMza1ltQytNSUVmUFozSm5vRm5ZYnkvemdSejRTSCtuSE5TTy8zcTdPSUtXN0NHYWhuSUN4R2JZNTFzcFl1NDJmWmNPRzMxYVBOZz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2280
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
534 B 259ms
68ms XHR
application/json 51.89.7.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19083/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p28.id5-sync.com

Software

Resource Hash

91e2a25216275f33e60654a38d8f962b8a56b69234e82fa6a51fe5a38f47b484

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Fri, 01 Apr 2022 03:04:31 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame E737 43 B
260 B 70ms
70ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=2227843410&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-kex2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-DGgZfkPjUIRx5A%3D%3D&sc=1&os=1-Rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fbuhgalter.com.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fbuhgalter.com.ua&lp=https%3A%2F%2Fbuhgalter.com.ua&t=1648782270946&de=371398483697&cu=1648782270946&m=1220&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=52&vx=-%3A52%3A-&pe=0%3A339%3A339%3A1588%3A1063&aa=1&ad=1076&cn=0&gk=0&gl=0&ik=0&ic=0&ez=1&co=1076&cp=1005&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=63&ah=1005&am=63&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331239%3A3451573&bo=18330&bd=buhgalter.com.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1301487761&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:04:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 01 Apr 2022 03:04:32 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 185ms
57ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 01 Apr 2022 03:04:31 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: buhgalter.com.ua
URL: https://buhgalter.com.ua/push-worker.js?version=6&appKey=c77ccd81f8480b85adc1e41419254e96&track_inactive=true

Domain: ad.invamia.com
URL: https://ad.invamia.com/invamia/invocation.min.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhgalter.com.ua/	1970-01-20 02:42:54	Name: leads Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-04-01%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%2298886fb2-1700-4349-baa8-186174ad96f0%22%3B%7D%7D%7D
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: U7XynyZ Value: 1
.buhgalter.com.ua/	1970-02-25 13:59:42	Name: __fp2_f2 Value: 4yQa8P3Jrd6xG1EtNU5j6lSxjLqDqYhG
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: cuBNDj1 Value: 1
.buhgalter.com.ua/	1970-02-25 13:59:42	Name: _faguid Value: 4yQa8P3Jrd6xG1EtNU5j6lSxjLqDqYhG
buhgalter.com.ua/	1970-01-20 02:04:01	Name: __factor_utm Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
.buhgalter.com.ua/	1970-01-20 19:30:54	Name: _ga_6VVQ37Y1T2 Value: GS1.1.1648782267.1.0.1648782267.60
.buhgalter.com.ua/	1970-01-20 19:30:54	Name: _ga Value: GA1.3.912416073.1648782267
.buhgalter.com.ua/	1970-01-20 02:01:08	Name: _gid Value: GA1.3.222964816.1648782268
.buhgalter.com.ua/	1970-01-20 01:59:42	Name: _gat_gtag_UA_35985798_1 Value: 1
.buhgalter.com.ua/	1970-01-20 01:59:42	Name: _gat_UA-53572572-5 Value: 1
.buhgalter.com.ua/	1970-01-20 01:59:42	Name: _gat_UA-35985798-1 Value: 1
buhgalter.com.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: 0qnwu7bw6PCxt7Tnsee25uvmt+Dh5uDm8K/r
.buhgalter.com.ua/	1970-01-20 04:09:18	Name: _fbp Value: fb.2.1648782267825.382864134
buhgalter.com.ua/	1970-01-20 02:42:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
.buhgalter.com.ua/	1970-01-20 10:45:18	Name: _pubcid Value: f5afa93e-1b10-408c-8b14-f3a4a7634827
loadercdn.net/	1970-01-23 17:35:42	Name: vui Value: 8cd2168470da4d158a55beb5b71a2207
a4p.adpartner.pro/	1970-01-20 03:26:06	Name: apuid Value: 49030dc5-4be6-471b-bff7-26ccf201d0e9
.doubleclick.net/	1970-01-20 11:21:18	Name: IDE Value: AHWqTUnQWDIsYtel4Bdjm-YgeZ5THK2gfWn8Y57xwnDRG2GF09Ua9nmEINuPH-fqVh4
.buhgalter.com.ua/	1970-01-20 11:21:18	Name: __gads Value: ID=09f83b899e50814e:T=1648782268:S=ALNI_MZyUiQYptI09DuTqPX0l2ATTLOEkA
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 15:18:54	Name: E Value: AN-9k17K0fUhXSIH
.adtelligent.com/	1970-01-20 03:28:59	Name: vmuid Value: 9f5d559d1786be6d
.adnxs.com/	1970-01-20 04:09:18	Name: icu Value: ChgI4axaEAoYASABKAEwvNeZkgY4AUABSAEQvNeZkgYYAA..
.adnxs.com/	1970-01-20 04:09:18	Name: uuid2 Value: 5166963162455779183
.rubiconproject.com/	1970-01-20 10:45:18	Name: khaos Value: L1FUE4GL-L-6W08
.rubiconproject.com/	1970-01-20 10:45:18	Name: audit Value: 1\|naVuGyos1qpfzgxSMD5xqKJvvWgC/Qcxgndhc+y7+ZBIdnkYNjvcPzyWCXXToq8Xe8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3vWRd+B4fy7Gma+WVcS1g3g==
.adtelligent.com/	1970-01-20 03:28:59	Name: a307558 Value: 49030dc5-4be6-471b-bff7-26ccf201d0e9
.adnxs.com/	1970-01-20 04:09:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ildm@%#K!]tbPl1M>e)ZlrFUfJ+tGXxp)DA4N!a^Hw)CA_[m_cJfDUB]=H`dX[G4JOK!3If)y3KL9D3I?+<r4tIx
.casalemedia.com/	1970-01-20 04:09:18	Name: CMPS Value: 687
.rlcdn.com/	1970-01-20 10:45:18	Name: rlas3 Value: c3eOLkuFVqPzkuNe8Dmu19W3eQSZtXkPKOcB35qKZRs=
.rlcdn.com/	1970-01-20 03:26:06	Name: pxrc Value: CL7XmZIGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 02:01:08	Name: CMST Value: YkZrvmJGa74A
.quantserve.com/	1970-01-20 04:09:18	Name: d Value: EFsBCQHmJYEA
.quantserve.com/	1970-01-20 11:29:56	Name: mc Value: 62466bbe-55644-fe327-789c2
.casalemedia.com/	1970-01-20 04:09:18	Name: CMPRO Value: 232
.casalemedia.com/	1970-01-20 10:45:18	Name: CMRUM3 Value: 2d62466bbe2760CAESEHAm7xsh7QTqzlpLFqspUgk
.casalemedia.com/	1970-01-20 10:45:18	Name: CMID Value: YkZrvow8lSLu187KqcEwggAA
.criteo.com/	1970-01-20 11:21:18	Name: uid Value: dea1bb6b-7ce1-4995-9bad-3c300fa0478f
.insightexpressai.com/	1970-01-20 07:54:51	Name: TID Value: 00000000-0000-000f-1a59-b91648782270
.insightexpressai.com/	1970-01-20 19:31:26	Name: IXAI58923 Value: FTF
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW_Time Value: 1648782270
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW Value: 00000000-0000-000f-1a59-b91648782270
.pubmatic.com/	1970-01-20 02:01:08	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:09:18	Name: KADUSERCOOKIE Value: 2D82352C-A6F6-4361-AB4E-393B7D5A553A
.innovid.com/	1970-01-20 04:09:18	Name: uuid Value: a0579b32-ec14-44fe-967d-2406036baa14-20220331 23:04:30
.e.dlx.addthis.com/	1970-01-20 11:29:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:29:56	Name: na_id Value: 2022040103043100068335346140
.addthis.com/	1970-01-20 11:29:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:29:56	Name: uid Value: 62466bbf21798382
.addthis.com/	1970-01-20 11:29:56	Name: ouid Value: 62466bbf000100c2686811a0b10237491a5b587bcc892082de7b
.dlx.addthis.com/	1970-01-20 02:42:54	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 02:42:54	Name: na_sr Value: 20220401
.dlx.addthis.com/	1970-01-20 01:59:42	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 02:42:54	Name: na_sc_e Value: 0
.buhgalter.com.ua/	1970-01-20 11:21:18	Name: cto_bundle Value: SGG4WV9iMlc4V2NWQ3UlMkI0RlVmeVNVRXYzViUyRkpsVTAxayUyRjQ1aFJ2QlJ4THZMd0ZIZm41c1RrR0RIYyUyQmZkTXd1NzVLSWdjYTVHYTNaUHdsN1JWbUhSaEJuNDFaSE9CQ2lQZ3ZZOU5hZHRpOHpKSXdzMyUyRnQlMkZrc3FoRXNNWGM4UnJpTWVMZE1pS2tHOGtLSXJGd1BZNWQ5TU9kdnclM0QlM0Q
.buhgalter.com.ua/	1970-01-20 11:21:18	Name: cto_bidid Value: IFhNOF9pbXFGNUNZMHE5VE9qNFRrRHo3Z3RrMllDVGZlbmF0RXIwdHZvOTl1STRsS0Z1UVZUNmpUOVJpck5TM1ZhSGYzS0k3OGFVa3dKTVZ5QjVUTkk2SDdjVVZJWk9rVG50TkVYd2tYZVUzZVNra2MxNGVUOXE5NENVc2YzNXdIYjYxaA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://z.moatads.com/allresponsemediaglobalftdisplay739160694092/moatad.js(Line 133) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJPqcGxv_ahWoZ55rSvKu_m99LIB-m5zrTen0f1Vfo1PaXrW4IcpqS2mPDHDWxL7NbEHdmdbSHWUWt5dUa0q39TQc_UXXX6kg&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkZrvow8lSLu187KqcEwggAAAOgAAAIB&google_cver=1&google_gid=CAESEF89o8l59D4W8uBqGZl6jVY&google_push=AYg5qPJ025eR6tvKbh7Dobu1f36sRMwHaVFif6dORm_zsYuT-ewPUiz-eGXGHm-RFiY0Yz_DTJ7rAv3dsDY3Ofd6G2z8p0dxSrzv Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ad.invamia.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
analytics.factor.ua
analytics.google.com
bidder.criteo.com
buhgalter.com.ua
cdn.flashtalking.com
cdn.gravitec.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
f29b309aa0586d6ec7c5adf82506db2c.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
jsonip.com
l.getsitecontrol.com
loadercdn.net
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.rubiconproject.com
player.adtelligent.com
prebid-eu.creativecdn.com
px.moatads.com
reactive.factor.ua
rtb.adxpremium.services
rtb.openx.net
s.zmctrack.net
s0.2mdn.net
scontent-lhr8-1.xx.fbcdn.net
secure.flashtalking.com
secure.insightexpressai.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.teads.tv
t.trafmag.com
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
ad.invamia.com
buhgalter.com.ua
cm.g.doubleclick.net
104.111.242.245
136.144.183.196
137.74.6.209
141.94.242.148
142.250.181.226
142.250.186.66
148.251.121.152
172.217.16.130
178.250.0.157
178.250.0.165
185.184.8.90
185.187.81.40
185.33.221.52
185.64.189.112
193.200.65.5
198.47.127.19
2.21.140.103
209.197.3.19
216.58.212.130
23.227.139.243
23.32.59.34
23.35.236.247
23.35.237.151
2600:3c01::f03c:91ff:fe79:43b
2602:803:c003:200::51
2606:4700::6810:5514
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9d
2a02:2638::1c
2a02:2638::3
2a02:26f0:fb:5a4::1ec4
2a02:6ea0:c700::10
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
2a06:98c1:3121::7
2a0c:5c81:5142::2
34.98.64.218
35.186.253.211
35.244.174.68
37.97.131.40
45.133.44.3
45.133.44.4
46.249.52.248
51.89.7.205
69.173.144.165
69.192.160.219
84.17.46.53
95.170.82.90
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
0673a67906e341eb7c6158899b672c6701aa4febb161fc0dfbd440ead60f30aa
0678f2209fb16c1c4305379918aee1ff4c6b48f4ec824a0be87eb7dc0d37ba93
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a1ae4c33916870c08157d6570248dd85f2abfcc42a0974bba02080370943125
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0d1aa534990a50585edfa6d99331c0a8a38c602b37b9032eafe72bc95be5fb2d
0dc4a90093e413fcbd18cc489a69a84465edcb5f81ec7229065cb135a6fdd7db
0e5b66a959fea501a734824f70aa077d915830dfd1a627bc7b5a31ebd5212b16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
11c218596cc6e20a1492060c81a96ba6b4c3e1e2b3f574d42ee5aed2a807c124
121c2db4893e288f08458cf3571762c887647298620ec0e8e74f85f515c1bf82
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135d61e6a484f98a225e6c68264d7021f18ace3f1ce0ae8611b7c2b0c256f209
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
18bb6c6ea0530de70e86d32a97a568151c04d6b82e10d0308ebe0141ca4d93c0
19b6ace87358eb0ceedc2712ac67650a839f9045876629ac9b2cd98675d0ce49
1d0008fbf94fa0a01ab709061cdf3f19def4715c47da75dd06ef342364e959f9
20f4d4d78f44d11e4b7547eab67a424465e4f5ef94ac04e5bd5e6b1d81365c92
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
23a87173901f02a95fe4861a0056fab6a391563ff11ab5473013edefa70c9bf5
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24bbe137f237a6630db0061ede2daa44c062a28761b6c5375653a26a45a8dc6f
24c2b2f7841732ddd0cbea2353609e12aa6339a6a24d224b8dc0e509ce7a8211
24c9c31520b41a77a783be86d3023478308bd028bbe36d1de491a6f63eaf8ecf
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
25ba457235ce8334294e71e4de5677b47d4dd7eaf9b49eae676e815b47e9c1cf
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
28dd2440e87c316c22aa97988f21bfbdd899d2278dd7cd428857345586971911
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29398a01e1ab5b4e039a9d372a1f1c8cc1355bbd08f2029aa342bee21e44716d
2ae5fd4e41224a9263409907c74a7db5d7c80bc9aad0b609a4a238f8b7a1d479
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2fe27427c31970b671afe1575f74045da7a63972c49caabdae8b93471330f59c
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
311f12283591ddf862c5164f47f2b1cff87aa739385d785b9a7d37f61dfbf5f3
314627072eed744a7751f13b4060fe6c5510437b8376bbeb9e3f00bc14c80953
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33469539b582e93d9b98eecbae3c3cc48965f030aeaad68cc56cbbf20f774923
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
37768930f1dae851a39c4eca987f48318b06c6da1cbc93b51034f794115161c1
37bbd667b3cff3432ebd22ba68b2e18b7abcd5a4682be549cb61c67542caf117
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3a4529b12c7684943d7612770b24292a5a5cf199e1ad370eff2c56a53f56461a
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ccd6d179d794aa7c17db153db0d32bad1137073b79755487cced22dce68c37e
3efcfeea9618e7f0b2fd4ba692bc893b7d33d4a54c08885f022770b83f4dc5a5
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
424bacdef5fec4f25bbbdf3426f6163f8cb9149c0f28fbebf3438f7de0160c0f
42a19d98efbb64845bf7ea7482fc3a852d0c8de8b5bdf2cbb781630ad76f3482
4434af4fb7f6dcd25c06a6979ee9d9965188ba85e7860e8ded9d730a3419afb6
448f7fb85b4c5699d46f1899d90c7d3266413020bffa738ac33b6b0ba21d2399
44efff41d0d15b2c8a71e9b0363c1da9b56af5b022813522d3495f6bccc29855
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48af1b1fa59053a1dcfde1e87b30889954ee392ed2401c52f92cded2bb4fce69
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a332e4376303ca434ff138b0872d64fc86a45101b51065c776206afe66c015a
4a724ff2a95b5a54c343317baf6090f082980a1989788544c59c24c70f0e125d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c79b7769d37ba6aa2b8c0f48052c75287819ef2343659ec85122e9247819b7d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6
4f1e2fbf7a7df4c0045fb6a384d94ad9f76679cebe5e1658cfb439fd0bb39549
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55df2c659e1d6b7d622fdb3e08175c5d8f9655f4cfe7963a88a933e1c19d0e33
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57ff02f9cc3a7cabe1221cc44a07430be10791247794496ebbefe4f89b29c22a
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
585577abe91b88ad3c7e8ee6353fb2e6e1821fb1b73f321a387a7eb6fe3dff1d
5869f8b7a0c1419b0f8793234ae47779f4e1d46bc1aaf914bd037fe55d84ae6b
5931264f10bf7fee4426124666333354889fc4eed0199df908b84ad213ab60b3
59930862af8eeece2cdac39829c922e109f0eebed8049ae6229ad25deb8089f0
5b4b9c179a5e46f2042fcdd625d8e65c0de92dd2c5f22e422a3192dbb3d63640
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e59f58e78d2acbb57ba61102b314703e98c05d898d452da6895c3693054da3
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
65aaf368eff8bb912508da2339794eac91621bb6b9f912302d2faa2f0eee456c
662dae67065bef1763ed6d671404e7e86e7488a05c82147f7e2df1ef1809b1a4
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
7570a584f3553fa0880b829b1ecd928cace3e57f9c64bfe41b01d144824cd2ce
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
78658042fdb8ea68a095ea08d114e3776309bbed41ead7e185c69f4666826ebd
7a3c3481de257dc5d922b2b92851be28dfdaaef01ba33ae039ccfce541a4788d
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7cc646a81da660d874a020dc839ce9dd25de3de1c4bb12d592e59e5caed5c392
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
7d68bf16f9dfd99f7fa09fc4a5eecdac68c35c88acd20d442c69715e0e125ef6
80236c95de7bbb46fb49a5644e8309d1800cef27f678525ee7548c5adebf9540
81ba1ee0ac9dd087f7bf1f9cd2b5e30d04487a018b52061323dc7c8728557d7f
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
8429d286889a500a6549279dbb7135387b5c3167421d6f703d929f06910cf617
84cc71e6f3793bf27e9ddd04481fd1a476dd04aa4057410caefda377b00ce878
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
85e0a3183aa2f87b8f05ab34a9c6b33d5acfd13413d0f108ea974496eb4218ba
878bbd8f1e9dacabae4c83e5afc3fc474a3e0120b731ef3c6482f00dba31335e
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
8a109b74b240d241933b3e01970cbd4b242035e1c476f7ff4b394b7926fb00e4
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8ff294af494f628f10f247ce8a14ad10273d27e3ddc3e3f8bc80763c6bd25211
90b2c189be5f0290cd8d7003c28c08de7df1eb1d6240b24f699fc75a4132b70e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e2a25216275f33e60654a38d8f962b8a56b69234e82fa6a51fe5a38f47b484
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
96e970758e57ddf48726b2e8a9680be23ae650acbaac94d68935c36a781fab52
99469201e9dbf15a407c751143dd1bf1b6fdc491b0dc8539cabb69b0034bd48b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abc711251b1d5c2d93f34ff71a32b27cbd7002b3a15411ac13f210b6428a6dc
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a31a9769677c0e5e9f40a8ad5f40ece87ab2e1a27371caaa0abf52539f5225c8
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74d051cb4f10fc6e724eafd37adaf9dd951c9e1786c48158d14c44a7c948a7c
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
a9180ced898eb829fea14d607d45f69be8ec52828769835b0bc20fab45bff1f5
aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
ab1e1d2c3241edd8bba108a3351245d03b469ca6b7cb82e92995bac6f37dc2b1
ab7d4fc44fda610b424117f678a138d8e05b2a0ed04ec111c9d8effa8c69a428
ac0bfdfd9117cea6f4aae76353d0aeed281d4d63242d067ce2a972dac5707435
ac1806c547b33c96ca5c52c8a6ef807e01c05baff00f993742e974d509065932
ac6702f48f6f1e8d56c606210d7d02fa5f1083cd8832a5a5cf594e26368955e6
ae9dc62c51a79132774aa19bec7fea733c24b5a200d3ce68ba362ba7ead54396
b003d9352600682b23649cd757ca88a601667ccee1cd9e78da932862912ec0d6
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b0dd739c0e029cf3ccc53afcfaeac9d062ffe27325823314d830689726c8a034
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b31fe2b6af2b697209125a16140b060c511bdec34f3ea28c8c56976beacdaefb
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b4515688f265837dbab2624f3c517b986be2247ac65e8f1e79066ba37db1c453
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b5cfb2ebe32805d7643546c8906515cd6f8c70f29597fb9abaf46e029044c496
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e
b7e5a16afe5493961690e4e41f66a8031db0bc3065aebbe95414494837ccd23c
b85b745fa489a54767288f43654aa568b94813c1b46c4edcac86df0fbd0d22bc
bb1f1665d7d36ff738dcb494fb38266ebc6a0c9de10887324006b9e0b7e4c539
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bda57657e18fe9533bbcc9e1aee5f305fd6c19f271b478639b9f25455dd27ce6
be625afbc485e960e06e97f06fd611767c597ec27ec976a899408074d2a78078
bfbdf8d87df823b9780a01f70ab265dbfd717bfffc70535a9b4ed94d28949e7e
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c691e14dcd01f0d0a301e401c5de5fc0a822061336e2a50b2fd34c48563755ea
c6f02ea61b580dd0d3d5fd8b473d8584ab32e741a5a969704928df2d2753a44e
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
ca3144caaa4d11bb957c265e45c11f17339f5c4a7bb3206c825ed10345fb5eaf
cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0405a16ba84804ddb07a9a25afa0dab7d9a387bd0095a88aedd8d808ad1441e
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2584c2f4bdc69a755732b678339b0f69b151ddc7aa7e4ee30a0a7eb8079bb2c
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d2bb534da7b37d06e90464d7710ea8e7f4b42d32fe3d04d0ee4dc9bc105778b1
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d6b329563ab2466783f3b47eecbe503544948991015d8ce711e3168d99f3adf3
d7c3c74331e4f9fb71ff4d85d4544db3af7e0ea4c9c7d4e59e4d97ea2213892c
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
d95fccc8a4d3363801ea0564fce8cd0ef5938d2f3aae4bfd873b192a8b2667ba
dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e08bc9b80996769fbd4d7f7275dbf0bbd477a433f4621ec04be63110cb6896f6
e0adf17596ac91562dbb30238f456eccacdd267e095eef6fded8a6ec9a6f640f
e146a0e178f40cdbe3c7c3da10f63ae100c6e07f11830092f5ee6e4113f86f2b
e1b794cc9478098a88362aeb9c2ee3c0f84a4c55d1eb34d72f5b41dc0c602ad5
e2278104b49720a432453998bbbb45829d7a8a07c2f928375c1eecaf784a3303
e310ee2ad9c393f1c2276d3df52177b76f2b5196adeb738f0718b68823984126
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fce2657668d80c13f0b61064202b609505fedeaf02cbc1f83ef1b8fff6cb8a
e904243c8ba54726547afae3e2cf80dd5394b98841b54716a5deae86f3d67aa8
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ec88cf0db5b8b5eb893e68f74045ff0c523a7ad75ffc5b4ba09ccf3eabd916dd
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f096d74315432ccdfbb5dfd564a72e47b587b55e287fbbd193d002a78cb6d8bf
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f447d61fcc469934a877b4b75120cdef375c02bacd928a0998e877da6fd89482
f4a200874570c195f6c49b82b17fe002032c87eb697b19c70f5c049b32bb2b91
f51bb0a546dbfbf40dcc606a2fc94638be16302deb3ac982c55c76f43d3bb528
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f780d57d59e3b45ccc4ff262589e1594db999470e6f4c3bfe6d44a71dcc30f29
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
f8636f840e55868b04f7621502a452351269ffd7ce2fa600c15dda7fafb66da0
f957f0996053d409ed93207c211a1538f97466ba02605ed96fa6a66c42cc1c9c
f9e4089d0bb8b4ee69afde81ee2de2e321f74f6fd6c766837109e2c1fabd47ee
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fce47c008bc1eedf3d2f5efe16ffee0aa0e5ac44254b5ecce2c7de7273e54e12
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
fe23534f40e3eb2e38895107f594b627b5b23a9d98e0cd7fa7351ec6d024242c
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
ff901b835d08f449d1c8b0b16dfc0e37d49571a5e1a1747db1491f858ec9c224
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

buhgalter.com.ua Open in urlscan Pro 136.144.183.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

269 Requests

91 %HTTPS

46 %IPv6

47 Domains

71 Subdomains

60 IPs

8 Countries

2876 kBTransfer

7693 kBSize

57 Cookies

16 Outgoing links

Page URL History

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 89 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

91 %
HTTPS

46 %
IPv6

47
Domains

71
Subdomains

60
IPs

8
Countries

2876 kB
Transfer

7693 kB
Size

57
Cookies

269 HTTP transactions
89 data transactions