buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhgalter.com.ua/
Effective URL:
https://buhgalter.com.ua/
Submission: On December 15 via api (December 15th 2022, 1:09:55 am UTC) from GB — Scanned from GB

Summary HTTP 350 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 93 IPs in 13 countries across 92 domains to perform 350 HTTP transactions. The main IP is 136.144.183.196, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.

This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	136.144.183.196 136.144.183.196	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
8	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	95.170.82.90 95.170.82.90	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
2	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	45.79.77.20 45.79.77.20	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	80.77.87.114 80.77.87.114	46636 (NATCOWEB) (NATCOWEB)
1	52.18.174.19 52.18.174.19	16509 (AMAZON-02) (AMAZON-02)
2 3	209.191.163.208 209.191.163.208	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
36	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.57.180.35 52.57.180.35	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
14 28	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 9	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
7 7	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
8 9	18.158.138.18 18.158.138.18	16509 (AMAZON-02) (AMAZON-02)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:223... 2600:9000:223f:8c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f16:e61... 2600:1f16:e61:3f01:9802:108e:78ba:29ea	() ()
1 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:f5c1:a58:c5c6:d8ee	16509 (AMAZON-02) (AMAZON-02)
2 2	54.217.130.182 54.217.130.182	16509 (AMAZON-02) (AMAZON-02)
2 3	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.81 185.15.245.81	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.248.128.187 3.248.128.187	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	54.74.181.165 54.74.181.165	16509 (AMAZON-02) (AMAZON-02)
2	54.77.217.9 54.77.217.9	16509 (AMAZON-02) (AMAZON-02)
1	138.201.8.249 138.201.8.249	24940 (HETZNER-AS) (HETZNER-AS)
1 1	184.30.20.207 184.30.20.207	() ()
1 1	3.220.237.202 3.220.237.202	() ()
4 7	67.220.226.234 67.220.226.234	16509 (AMAZON-02) (AMAZON-02)
1	2.23.197.190 2.23.197.190	() ()
1 1	52.210.36.224 52.210.36.224	() ()
7 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	52.46.155.104 52.46.155.104	() ()
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.229.65.185 54.229.65.185	16509 (AMAZON-02) (AMAZON-02)
2	64.95.96.108 64.95.96.108	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 2	2a05:d018:d29... 2a05:d018:d29:3601:a85c:a571:e676:b675	() ()
1 1	185.29.134.248 185.29.134.248	() ()
17	185.64.189.110 185.64.189.110	() ()
2 2	213.155.156.168 213.155.156.168	() ()
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	52.86.222.203 52.86.222.203	() ()
1 1	35.214.223.115 35.214.223.115	() ()
1	195.5.165.20 195.5.165.20	() ()
1	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 1	141.94.240.141 141.94.240.141	16276 (OVH) (OVH)
2 2	141.94.171.213 141.94.171.213	() ()
1	54.75.190.240 54.75.190.240	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.65.214.252 3.65.214.252	() ()
1	198.47.127.20 198.47.127.20	() ()
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	178.62.202.251 178.62.202.251	() ()
1 1	34.102.253.54 34.102.253.54	() ()
350	93

39 136.144.183.196 (Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net

buhgalter.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net

analytics.factor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.77.20 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1176-20.members.linode.com

jsonip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.114 (Clifton, United States)

ASN46636 (NATCOWEB, US)

sync.kiviads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.174.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-174-19.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.191.163.208 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.180.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-180-35.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.184.226 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.180 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.19.147.45 (United Kingdom) 7 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.158.138.18 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-138-18.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.209.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:e61:3f01:9802:108e:78ba:29ea (None, )

ASN- ()

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:f5c1:a58:c5c6:d8ee (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.130.182 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-130-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Rogeno, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Tuttlingen, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.128.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.181.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-181-165.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.217.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-217-9.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.8.249 (Lohkirchen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (None, ) 1 redirects

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.237.202 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.220.226.234 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.36.224 (None, ) 1 redirects

ASN- ()

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.155.104 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.65.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:a85c:a571:e676:b675 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.64.189.110 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.222.203 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.240.141 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.213 (None, ) 2 redirects

ASN- ()

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.214.252 (None, ) 1 redirects

ASN- ()

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	doubleclick.net 14 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297	223 KB
42	yahoo.com 5 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1104 cms.analytics.yahoo.com — Cisco Umbrella Rank: 869 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287 pr-bh.ybp.yahoo.com	6 KB
39	buhgalter.com.ua 1 redirects buhgalter.com.ua	648 KB
27	googlesyndication.com 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	153 KB
24	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440 ads.pubmatic.com — Cisco Umbrella Rank: 470 image6.pubmatic.com — Cisco Umbrella Rank: 680 simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	33 KB
21	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 451 eus.rubiconproject.com — Cisco Umbrella Rank: 547 pixel.rubiconproject.com — Cisco Umbrella Rank: 321 token.rubiconproject.com — Cisco Umbrella Rank: 551	20 KB
18	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3199 mwzeom.zeotap.com — Cisco Umbrella Rank: 2637	5 KB
18	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413 dsum.casalemedia.com — Cisco Umbrella Rank: 1329	15 KB
12	amazon-adsystem.com 7 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090 s.amazon-adsystem.com	9 KB
12	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6261 ghb.adtelligent.com — Cisco Umbrella Rank: 6038 sync.adtelligent.com — Cisco Umbrella Rank: 4234 ghb1.adtelligent.com — Cisco Umbrella Rank: 7358	148 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 269	307 KB
11	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 218 secure.adnxs.com — Cisco Umbrella Rank: 430	9 KB
10	bidswitch.net 8 redirects grid.bidswitch.net — Cisco Umbrella Rank: 853 x.bidswitch.net — Cisco Umbrella Rank: 290	3 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 6986 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
8	google.de www.google.de — Cisco Umbrella Rank: 7952 adservice.google.de — Cisco Umbrella Rank: 11832	2 KB
6	tapad.com 5 redirects pixel.tapad.com — Cisco Umbrella Rank: 400	2 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 734 gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 dis.criteo.com — Cisco Umbrella Rank: 700	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	65 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	1 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 503	4 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	202 KB
5	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 24096 id.gravitec.net — Cisco Umbrella Rank: 168970	32 KB
4	weborama.fr 3 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 35447 cr.frontend.weborama.fr — Cisco Umbrella Rank: 33645	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	233 B
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 849	179 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 549 usermatch.krxd.net	943 B
3	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 7379 loada.exelator.com	2 KB
3	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 4620 c1.adform.net — Cisco Umbrella Rank: 639	1 KB
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 743 r.turn.com — Cisco Umbrella Rank: 3406	1 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 572	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 795 s.tribalfusion.com — Cisco Umbrella Rank: 1875	2 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2681 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2963	310 B
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 604	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	121 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	190 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 591	946 B
2	onaudience.com 2 redirects pixel-eu.onaudience.com	1010 B
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1368	565 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2917	888 B
2	mathtag.com 2 redirects pixel.mathtag.com sync.mathtag.com	1 KB
2	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 880 sync.crwdcntrl.net — Cisco Umbrella Rank: 752	531 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1376	752 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com — Cisco Umbrella Rank: 1503	2 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 662	57 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1250	462 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 951	417 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 727	490 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936	1 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7181	2 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1130 contextual.media.net — Cisco Umbrella Rank: 553	9 KB
2	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9870	517 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 205739	24 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	playground.xyz 1 redirects ads.playground.xyz	464 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	555 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	322 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 810	610 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 22617	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 6185
1	iprom.net core.iprom.net	277 B
1	loopme.me 1 redirects csync.loopme.me	226 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	615 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 644	588 B
1	linkedin.com px.ads.linkedin.com	708 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2188	420 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119	403 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	215 B
1	bluekai.com tags.bluekai.com	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1837	361 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 424	529 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 29461	84 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 184090	659 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 693	166 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 677	447 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6590	179 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 6373	406 B
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1523	135 B
1	kiviads.com sync.kiviads.com — Cisco Umbrella Rank: 12515	197 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 350	140 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 796086	170 B
1	jsonip.com jsonip.com — Cisco Umbrella Rank: 22767	448 B
1	factor.ua analytics.factor.ua	242 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 171	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	12 KB
0	contextweb.com Failed bh.contextweb.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
350	92

	Domain	Requested by
39	buhgalter.com.ua	1 redirects buhgalter.com.ua
36	c2shb.ssp.yahoo.com	player.adtelligent.com
28	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net buhgalter.com.ua 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com spl.zeotap.com
15	mwzeom.zeotap.com	buhgalter.com.ua spl.zeotap.com ads.pubmatic.com
14	pagead2.googlesyndication.com	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com buhgalter.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
11	simage2.pubmatic.com	ads.pubmatic.com
11	s0.2mdn.net	googleads.g.doubleclick.net buhgalter.com.ua s0.2mdn.net 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
10	tpc.googlesyndication.com	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com buhgalter.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
10	fastlane.rubiconproject.com	player.adtelligent.com
9	x.bidswitch.net	8 redirects buhgalter.com.ua
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net spl.zeotap.com
7	aax-eu.amazon-adsystem.com	4 redirects buhgalter.com.ua ads.pubmatic.com
7	www.google.com	buhgalter.com.ua 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
6	image2.pubmatic.com	ads.pubmatic.com
6	pixel.tapad.com	5 redirects buhgalter.com.ua
6	www.google.de	buhgalter.com.ua
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com buhgalter.com.ua
6	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com buhgalter.com.ua
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com buhgalter.com.ua
5	pixel.rubiconproject.com	3 redirects buhgalter.com.ua
5	match.adsrvr.org	spl.zeotap.com ssum-sec.casalemedia.com buhgalter.com.ua ads.pubmatic.com
5	sync.1rx.io	5 redirects
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
5	connect.facebook.net	buhgalter.com.ua www.googletagmanager.com connect.facebook.net
4	token.rubiconproject.com	4 redirects
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net buhgalter.com.ua
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.facebook.com	buhgalter.com.ua
4	use.fontawesome.com	buhgalter.com.ua use.fontawesome.com
4	player.adtelligent.com	buhgalter.com.ua player.adtelligent.com
4	cdn.gravitec.net	buhgalter.com.ua cdn.gravitec.net
3	ups.analytics.yahoo.com	3 redirects
3	idsync.frontend.weborama.fr	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	1 redirects spl.zeotap.com ads.pubmatic.com
3	spl.zeotap.com	player.adtelligent.com spl.zeotap.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	sync-tm.everesttech.net	3 redirects
3	ap.lijit.com	2 redirects buhgalter.com.ua
3	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	buhgalter.com.ua 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
3	www.googletagmanager.com	buhgalter.com.ua www.googletagmanager.com
2	pixel-sync.sitescout.com	2 redirects
2	c1.adform.net	2 redirects
2	loada.exelator.com	2 redirects
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	cm.adgrx.com	ssum-sec.casalemedia.com ads.pubmatic.com
2	ads.avct.cloud	2 redirects
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	secure.adnxs.com	2 redirects
2	beacon.krxd.net	spl.zeotap.com buhgalter.com.ua
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	ads.pubmatic.com	player.adtelligent.com ads.pubmatic.com
2	id5-sync.com	player.adtelligent.com
2	mug.criteo.com	buhgalter.com.ua
2	gum.criteo.com	1 redirects
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	sync.teads.tv	1 redirects 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
2	odr.mookie1.com	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com spl.zeotap.com
2	ad.turn.com	2 redirects
2	onetag-sys.com	1 redirects buhgalter.com.ua
2	sync.targeting.unrulymedia.com	2 redirects
2	a.tribalfusion.com	1 redirects ads.pubmatic.com
2	dclk-match.dotomi.com	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pbjs.e-planning.net	1 redirects buhgalter.com.ua
2	sync.adtelligent.com	buhgalter.com.ua
2	a4p.adpartner.pro	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	s.zmctrack.net	buhgalter.com.ua
2	fonts.googleapis.com	buhgalter.com.ua s0.2mdn.net
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	cr.frontend.weborama.fr	1 redirects
1	sync.crwdcntrl.net	ads.pubmatic.com
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	px.ads.linkedin.com	buhgalter.com.ua
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	s.company-target.com	1 redirects
1	lb.eu-1-id5-sync.com	player.adtelligent.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	dmp.theadex.com	spl.zeotap.com
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	contextual.media.net	player.adtelligent.com
1	js-sec.indexww.com	player.adtelligent.com
1	s.ad.smaato.net	1 redirects
1	r.turn.com	63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
1	s.tribalfusion.com	buhgalter.com.ua
1	grid.bidswitch.net	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	s.seedtag.com	player.adtelligent.com
1	hbopenbid.pubmatic.com	player.adtelligent.com
1	prebid.media.net	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	rtb.gumgum.com	player.adtelligent.com
1	sync.kiviads.com	player.adtelligent.com
1	eb2.3lift.com	player.adtelligent.com
1	loadercdn.net	buhgalter.com.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	id.gravitec.net	cdn.gravitec.net
1	jsonip.com	buhgalter.com.ua
1	analytics.factor.ua	buhgalter.com.ua
1	www.googleadservices.com	buhgalter.com.ua
1	cdn.jsdelivr.net	buhgalter.com.ua
0	bh.contextweb.com Failed	ads.pubmatic.com
0	cs.admanmedia.com Failed	player.adtelligent.com
350	137

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
www.youtube.com

Subject Issuer	Validity	Valid
buhgalter.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-10-31`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
player.adtelligent.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-23` - `2022-12-22`	3 months	crt.sh
*.factor.ua Sectigo RSA Domain Validation Secure Server CA	`2022-12-10` - `2023-12-10`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
jsonip.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
loadercdn.net R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.kiviads.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-25` - `2023-07-25`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
dmp.theadex.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh

This page contains 43 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: 4D72F6EB6F202F6663FD647ACC665965
Requests: 253 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: B342387FE15A11BDF4D2AB45749C3B19
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 04D3507975F5269C0C48E38B1A298C1E
Requests: 1 HTTP requests in this frame

Frame: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E563377BC0DE2DB71674D2247CD04891
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 24A1A54AC6EE2408FC5ECC6101401F9F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: EB3BFE5D309BA5E49DB5B662CFC0D3BB
Requests: 1 HTTP requests in this frame

Frame: https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D
Frame ID: 15F3D351A546B8F673DBDDE77F6BF63E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr={&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&gdpr_consent={&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&us_privacy={&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D
Frame ID: 9E0D250F26078EFAE8BBCD16B6127D0F
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 6F320960C9C566D96E7DFB347CE8AF2A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A8D0F40BC9CDDA8DFD62FE7C1D43335F
Requests: 1 HTTP requests in this frame

Frame: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95F333D0B6ADB42BCBBDCE74FD893A69
Requests: 16 HTTP requests in this frame

Frame: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B82B88E0508468550BBC3F7BB2991B82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNVPKINiO9iDfEpaCS0x6hoBsHUxDib-jBxCmiqkEkgKdUK4VH3OK1poZENYUZEkLGGrk8-AgT4UBbcTI6LhqdLHkAoY2XLivwe-t7ivTJe4UtAVRjGRbP9oBJy-Xsv_A47nsz88OPXYoNLxStuju02jC278Xnj84Vad4bUeaL0yqNFXqFY
Frame ID: 1254FBC3B40AAD60F139CA70CF538426
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGN7SzdsBMAE&v=APEucNVIpNbFxY3XVgj0D6OW8APmq_G_DFt8JYCcoBAjF2M8ZiaxduZv6IK5Mt2XKEYRuHXkC85G7SIIxWnBzxfxBc6cNzh79JO20ZdAcgxNTNcchusNqd7pU9PmFhqIMP5X21apEv5-aYYJEKYIi8VJas6r-zmhMtzyGl4G249OTESzrdemTJw
Frame ID: 2FDDB772823D0706ED00681755573C57
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyWwIB2j41Fb7-zd3NPXRjBFOpZrKzAJWSv6tHIALYxwuijKViBU23JvGMJKqmGtM_6UOvX6VEvNwObjeN3mLyQfMAi6Vl-Ckuy4nWOGVpaTQKe23axj2h4JdtGQq-rqIQBJkOWrgaeBpukumvBg5dX1GZSpWab2jStOnJ0ZcPK5NDbPs&cry=1&dbm_d=AKAmf-BMRSkxFMq2NwclizECFNWC8FEsXjRCO0NA0cxXVmJtXtmbiqPFcN-vVR8JL0pr2dxJE4_fU2sT-kkmJfVaf1PzDX4DbXKJEh61c6WMhUGicXlXmoE-Bv0d8onSl_PG4sIIqi_F8jJN5pTje9LVigyB87WFB7I3uC5aNzZsMcgZOagGhCTkX-t4hqtkJgblI3ge82OO0WAgeRCOxkkLvuEKnqkv7pp_qFK6uTE9ZOlqrWHDd5v-kMuZYDYiq-VerS-Y1PM5V5v-7YbNWwVnVlRvPju2pUH_1r5p5WKc9UvgaqYwQjybPoTlWYoNSCzmOzWi7P7p4EVTQm-w80NmoPMuwDCB1-wsuZiaEg_20zEjh0WcSNlW9CJ8xYZDNAa8wIX2Rx7WD8qJmgDT-RvFz1ofIsX4qVoM9-gdqA7sKQbNPmQHYZYKMjQUm9BQ5NsGC82QEV1tQFRa_yzAZrYBXdLLlPVccmYClCVRcJ0hLl-61mFrGMI3mVS4GqkUKDdETQu55op-h8OaGBfGCre9WLmWnGv2M1U9Ti1MOvRgsfPJFNgjzUMC6c9firxvikiDliyQi5dl1BLEIISU4_6iAo4yzN3fvh6XqmpcwMHCCi-hIsnwy3xNw-mADf_LkLm8XKO0n04e4bYEW3c2b7mp-IHakal-EiS_Z7qgDRJjlSeoRqQ-aH1OYRd9TcXVGtPw3__C7LSJ4HzJbn1irFMAbtvP4KC5EhcYbQo4bUridl0X2ljT9YMg1ZVyWvmuFUibhL3OTPrlfFREs2FjwgBrhep0N0WaNMoJisMRm26Vlb7rdlhc82NLxXde2VI7InFnbMgR4zUj3NZwnuM23LKP2xdthjuvupuHthwtGKsaV8eN3mZTkEQrY77nFbh9xSukikwh6pWenactnu-ZLbCa9jaExko5OIuyNWGF4ggpiryPSlbGTqfasw2zW5kmgrIf1PmibkX0Tq1qGQX8p0MukEJIITGkIEhTlImc_ywoZW-7jW7NE18mFI53wGc6CZPGhiaeDI_jL7ehsv2QEiS6On_GDnp7c368vcJP_-Xb_7FjE7IJThOl3Q2TEje8ZEsbjWEzhweONncf0qpV_k1PBxu_ZhZ2QZrVOtdSzjRqViYWKK2t22-F6SPBBcVrtwx2vvmBClU2UMLw_VTVDOGXXfEVOMKuNDKUVsBNOeJo2wEG6q20A5sGKZc1N3CAHVqU3Ea3Y51vkKB3z9SmJ8Df1_P0rA31oRHBSHnhwPa5RrLyS57OFZNQYG1YOv6EODpsnvKOzEuODWc05f2T0KQhMoGZa3g1ANbEVt3mzzTwjJlwodZdBnD1cloh8og-pFhC_vFiowqMxGNyOnU4uYINNo-5rxypM7DZrG20CV9ouiT7qFOI3UH6j8lRCNxRfPxp1c43zowYz2h4JXtv5HeiPS-oUV7RzHdv6FZDkyLtB-jpqbyyOjSeJQN8QAQRT5lBCoxlt575NXs_8xZAqtumZir7tLTSSfyRM9ljjPDjUSIfVmeob9i-HXEvQh99cMRg_8mAcdc-xpir7Zdc8VGbGTd8CVK5-dEHV99tDgJfVVkQzTSzBFGSiahWFrCXcnUkWIZSlLbZ35Zfrwne0wz4CKdIuxDLNSRXcp_Hht2tuOwo8hLBfm7_CXLTfFKt5PrxKws3RgdaQPJLbheJuvGWz0tgHUgRgeDcum_giwiwj6l_H6S7tYuwiA6CSr2vkhmLRJsIDyYbRR1QZXy3FnUSUx5RK0nzLcFwBdg2VnYFyDJ60T58guMPbYDs83YojOn0foWnzbnJPFFM5HcsOXzDf3Xfjvk9cY9xXRzyt2-B8cEBJE-nlTDdeE30nn8wKq30oqS2hjDq0qFGePCDtjMBAaJl8LsvaUveqeqV01L0dMYJwL8osBLYxAORUJDa4yw20uSHDw5zN2hjE3n1NKY2pIjhYQlephNRQpJyAnUJBP223JR0VLBmySdUR_v8I01HyJaxLE__AWz9Pdbmu6QeD8crlMJa9t2tx0yXqdFvjbe7wUY39zVBNrNtxGlButuPKH5X9UaYsKntGbrWzyk2Wpklor-ZRhb6VuBVDnAPXe1Hy1lp9xP0VR61q9s8p2I8tnu7ndL6f8IutPFgVDvrVjyPGW-4vDqyx1t1ptv_hsmuAjrhv41lIzpb8QmP1nFrMSLCInFTHgbHFcdbNoZdEplVOVg8cQHd8iVK2IhYjDSXrJF0JmjYWlcqGHDNXQF-lB7CMo-5jI_kDnWFTSqYpl-qxURmVyjm6PsOEcPpwF2rJ6DI_aPoaYMOtPVvvWPrcVQxBj54vEkSdMHhiKP386zATuS5TXUyOCkNVqyvQzFd4keU4zdPFqalIAh9rHv3aKOzfJ8nv2Je6mMd4nBpPeo6dgcKMqbBTpDIeFMfQg-I5iS5k2Nx9Bs-UdaqIwVYhbKcx3r970n1j1dcs5OmPXL8zDyoRncdJ-Yst00wRNwVLXLlzryIdELyfxRUYRv8NIDMpC9zll_3PfjIDJnsyTN6YP2FPP2totOezpFU3JTMin2aqaydt5-goRKo0ky4tNCDrsoBCoO-eUa3VLdaUVir6FariacfpvTA9Mp21uW97FyVKbk51wDdg_UeNyP2D0Go22mHuCdv7_pGvjfvmWAnF7juAF74g60G7Zs7WdXmJKI0FI4Rid1W7SIv0HRydj8gToGg7UPlmdRD31Z1YvGNIvq53ozA_5bwQ7Byf8KFRrmlR3gbznZ9rneC6fxEiMvBcillulkAPVp04MlZiUkFYmsdIMhUJhuG1gnODD6zv4yngvMCVB6V0dlRPwNMQSHzECRsW5vxrl1whqW3LL1HxudIMG24Efk2sGuVAFtwHc8zuHGuRU0gZkWjTnqoUwGUmVvBI2JecEiuZ0i2ojgZqR-KqKo88RRFhAH98IYNv7KHT9We-SWhkcFuzo7VRloxQYE9fyiIvGINBbhAuMjaupRz9SKa8Fcr0q9dVT7qWBQ2-IVTcXOHhj7IlAFfZ80sUnsibOEZZGaWzJ6tsmf6FtfVakNn1uYEvmkMwz7r_qJPBQ2qAuZ4bYdCwomb6g13ecoV9SkxS4Dw5K3m9HnCrCnMpwaktXmaWXvI8RQ8DaHW5GgHU7blmO9WKmev7GD0AMHLSmEjvjQV7Lh4M2bCFxUxHG1YiCSsuxmlWpQ-UijB9vOydHnw1e2sEZTwActRuHgTvtWW_1LV_EGF46iR-mT9DTXNmwRqx1wfJKPxp6YPaG5qp0qaDXVMJ_5mqe0TJYqJKvpeDjsRSAuLUpGo2Al9K2DuCBoMbFrWTd_KKs1oeihrGavh4kBymxmaejudE9ZRopfx4rJNuO-W4EdwNi4hOZuGN1uQDQ9H002JuQlGwI1W2Mf6aC_3rGM_K18Ebgep8iTPBCgtdjBPvdXJ1jU6DeT7GaM28TpTILAaxlfrRoboPv3XVYadLPR46ni2ezn7PvcpTyDa5yF3eqyT8uz00jl4vNt7kaNV9CQI9WQINzRPsrHZJ1flaUFty2UfSRFXPM5vF_ePU1ItaPauHuAZhDZWaHNuXtYyoWnOEmpE-5C7eHjcbz_Y80pZOC1Mx7aSLgIk5IlWU1-hjqyHmb3yRf9f19Af2drcbF3seU2Q4wbr-kFJoGb4u_ZQ8td7cRIkqlhmfCtoG2DneyRz1mJp3dXVYKFeFhbHD7agKTCECKQZqzSpKHs-unQOzM09kfObM7Y-oohhxmsZy7xEgPAfUc_y7SbDq5ujkK4rGZeXLZbvoyTWKO_dPqNQBBIbpN9QKd7A_AtBQH9tGGoVeebxG1u5HwpaVnuNn9ODzT5ovDtIijRSmOk5gjbMwf4yGu1GO9UPMgz7Gwg9UY_oZTAIc7AQJFJ_T_rON62wv3NTwEHqK25X3XDh_vKdueKBl0Tdrs3bYnJfQobOlU3FjeTMrmOspjhAOGqh78y__NRA1VCYrZuOPgbOjZLY0k70XrIxRxceSRNX3j2BQp6Dzv9q3Q&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Frame ID: 1FCD485A7320D47E5A5FCEC568ADF232
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E20A9F0838C7EDA975299EEA8F6CD00
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 912826B144C3D7B2019B25DAF4387300
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 653225071355C10B69A33C942F95E3A7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
Frame ID: 3416B56A2576CECB272B37D970D7BF0C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48787F91AB6929A074F9666FFC6940B6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: AFD3CBE99902375E602BBF20C56AD028
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2C57377270B2E97C7A7B1910319ED42A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: CFD581F5CAE01058A0DC3388FF6F3854
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 01567D7CE4AD6D4157C162250895CF49
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&cmp=0
Frame ID: 60C7B40BEA18F11F8DB1E92E65D86D1E
Requests: 34 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DE70FBAD0487685A2D064183BD6102A2
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f808639a-73e2-4f00-912a-46dbf885b260&gdpr=0&gdpr_consent=
Frame ID: 159E6CC1C652EBC91C1F9324FEF4320D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5696810804952334747
Frame ID: 17290656075813CCEF480C8E5D651CC7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 431EB1176042A859FB7DABD0EEEF5C4C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B25EC9461C125AA5922E6CC712BCEEBA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent=
Frame ID: 704A9AA26E12CE04358FE7CFFC8C7F10
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA
Frame ID: B9755459AC99323E9E5F18EA720FF9BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent=
Frame ID: 7DADEC5739E18B33AF0DA80EA21FB638
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEvbE7HNOgAACEBXfWENg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248455061056628094%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Frame ID: F927B620EFCDC4E1C1749F32C0BEE079
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Jhf9F5nuQKxQoXby6XAzd1LHgis
Frame ID: C0E61DF7F90790775EC73B6C151317BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent=
Frame ID: 5B41EC7BCD8CC47BF4ED33F9C1709250
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FEC153F538B41A5A8FDDA0822A6AD742
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2AA037A2C9B46D8FF8C36D6AD2609D06
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B914A2E2ADD4D02186882AD7A79D53E2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=501187715
Frame ID: 8B9FF18C387F21641F25524D1DD6459F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3AA5A7E2573C76C624044609B8CF3913
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 0F5EE65D4DE9701FBA6E0EFE7C95E507
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaUMYnTQYaRXTXWUX
Frame ID: F63DED21AFB02146D365D0470827A611
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

350
Requests

81 %
HTTPS

31 %
IPv6

92
Domains

137
Subdomains

93
IPs

13
Countries

2510 kB
Transfer

6615 kB
Size

88
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://i.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Factor Електронні версії бухгалтерських журналів

Search URL Search Domain Scan URL

URL: https://factor.academy/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: FactorAcademy Онлайн курси, вебінари для бухгалтера

Search URL Search Domain Scan URL

URL: https://buhgalter911.com/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Бухгалтер 911 Бухгалтерський облік, оподаткування, звітність

Search URL Search Domain Scan URL

URL: https://reklama.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: РЕКЛАМОДАВЦЯМ

Search URL Search Domain Scan URL

URL: https://bit.ly/2Xc9ih4
Title: Відео

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=top-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/complect/premium/?utm_source=buhgalter.com.ua&utm_medium=left-button&utm_campaign=pro-2022
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/2TJ43qe
Title: Архів чату

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=footer-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/complect/premium/
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/3eOTfff

Search URL Search Domain Scan URL

URL: https://bit.ly/2XonSCj

Search URL Search Domain Scan URL

URL: https://bit.ly/2XoPSWH

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmwRxt86epRSvAdM_Crlp3Q

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037

Request Chain 114

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=e3415b79-cd05-4e4b-84d3-010ed87fe589 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=e3415b79-cd05-4e4b-84d3-010ed87fe589

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1

Request Chain 271

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5pz3456teAAY4OSEXIGQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

Request Chain 273

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1

Request Chain 275

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5pz32lSShwiiuUtlx.O.QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&google_hm=2

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

Request Chain 295

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 296

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN5fNXu2VP7Q5TODGxZd3g0&google_cver=1&google_push=ASkJ3FYi97j9DmAsF0wXw9FkyJ5XafgetQpLsjD3PTg7inUUV92caz6QLrXJS0h7Hq2BS-WbzTaZXWgliCCCmigJeWTKXFVNz9qbnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN5fNXu2VP7Q5TODGxZd3g0&google_push=ASkJ3FYi97j9DmAsF0wXw9FkyJ5XafgetQpLsjD3PTg7inUUV92caz6QLrXJS0h7Hq2BS-WbzTaZXWgliCCCmigJeWTKXFVNz9qbnA

Request Chain 297

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBpSfM7fPvMu1yVdJ4K40f8&google_cver=1&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBpSfM7fPvMu1yVdJ4K40f8&google_cver=1&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64&google_hm=F0UlCGZHxdQjbuqIQzyIGmoa

Request Chain 298

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPFdrJYRsyZJ2wyl-b68z1A&google_cver=1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671066591801 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX%26google_hm%3DA_xDyOUumEKAgkMLg1g6wHE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&google_hm=A_xDyOUumEKAgkMLg1g6wHE

Request Chain 299

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOzmRrCAmVq3GHPiMUiyWrA&google_cver=1&google_push=ASkJ3FaLeUDrtM1QeFDiTvTRhHzHX8HjiiAPSDVg7csFW5Al-tsBOI7NSDFUZwmrlToeQ7-xaCQ7ZRhUw1HFP7k6lWUHzWisYuoaSWk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FaLeUDrtM1QeFDiTvTRhHzHX8HjiiAPSDVg7csFW5Al-tsBOI7NSDFUZwmrlToeQ7-xaCQ7ZRhUw1HFP7k6lWUHzWisYuoaSWk HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 300

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJOiJfIAu1IDj8F2TfsIQgA&google_cver=1&google_push=ASkJ3FZuCbZ_R4Tshtey1tWpyoeRWwXOJR_XD7U5b5KeSTgKAwZwu7UsBKfnMqjsKyoWol-RD9MAItFi1ASfjuTFIZfoGiZU0BTn67Y HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJOiJfIAu1IDj8F2TfsIQgA&google_cver=1&google_push=ASkJ3FZuCbZ_R4Tshtey1tWpyoeRWwXOJR_XD7U5b5KeSTgKAwZwu7UsBKfnMqjsKyoWol-RD9MAItFi1ASfjuTFIZfoGiZU0BTn67Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=04d829f4-4230-497d-a318-8bb385a64aad&%%GOOGLE_PUSH_PAIR%%

Request Chain 305

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1&google_push=ASkJ3FY8EghWYXQD6-ysVrWA7AtcMdD_onMZVUl2Cc_EuRwbfGqWMU5L4DZSxMrymm4_tME-M2UrdHKHr4BCBHqugICFpfI00qMwsj4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk5NDQ1NzI2NTQzNTg2MTk0OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1

Request Chain 308

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1&google_push=ASkJ3FYmSuuedspladQshAUZUGjLG0bAiVoR91qDrhEt3_dhaipx7CNm_I9c9RhEmDFXFTUkGllckInsfD19vcWOH8a1_HYts9TD7w HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&google_nid=index&google_push=ASkJ3FYmSuuedspladQshAUZUGjLG0bAiVoR91qDrhEt3_dhaipx7CNm_I9c9RhEmDFXFTUkGllckInsfD19vcWOH8a1_HYts9TD7w

Request Chain 309

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMVN-PH5zRVdkPfFZo7kadU&google_cver=1&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuRKYlOAdHFZ5tOx1Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuRKYlOAdHFZ5tOx1Y

Request Chain 310

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPFdrJYRsyZJ2wyl-b68z1A&google_cver=1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671066591801 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw%26google_hm%3DA_xDyOUumEKAgkMLg1g6wHE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&google_hm=A_xDyOUumEKAgkMLg1g6wHE

Request Chain 311

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIwx7sAgnmfvNGrG5Xgxzjg&google_cver=1&google_push=ASkJ3FYMiKYjrlbEvAEcvaE-VpRkC4d97wnlDAxkDr8QIgbSwWy8TiZ6tlB7J7KDV4IQzdNFrquvbWYUuHayRRuZ4mKG0dBvmSs9g6Wp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FYMiKYjrlbEvAEcvaE-VpRkC4d97wnlDAxkDr8QIgbSwWy8TiZ6tlB7J7KDV4IQzdNFrquvbWYUuHayRRuZ4mKG0dBvmSs9g6Wp HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 333

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EYCf1HxCYjJDemJneVg3eTU4MHAvZ29pNGRXeXFEU0JPOTZxVEU1dkg2UGQ0VXpESE5lUG9HakZTVm5CTEZISDhjcDJqVlNrK1NUci9zbFEyWHMyWE5Qemd0RnJtdklOTzFDZzNvWVNlclNzTm02SDcwbUt4V1dWeHlaVS85c1JWSFhRWkx4dGYrOFN1SVE5OTNsZjQ0d2dXdmZhU1UwWlFrYUJkbE5MdzdrTTUwTHUvWFkxTDZBSy9SSEtGK2ZLTllzRk5yT1p5T1hxR0lGaDFKTjN0YjZ4aVJyTkczYXZTQXZoK0hmSlNObnJxWTJzPXw&cppv=2

Request Chain 340

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037

Request Chain 341

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=04d829f4-4230-497d-a318-8bb385a64aad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=04d829f4-4230-497d-a318-8bb385a64aad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=

Request Chain 345

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=0032f070-bd52-47d6-9fd5-539a3e23b76c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 351

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7a7e4350-f5da-4649-b2cd-a578c3daaf6a&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 352

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=25072404297636441812359700926046217577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 354

https://bn01.er.bemail.it/zeotap.php?_bid=064e9932-3f55-42d0-7d35-1765ffd6a85c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022121502-73311-0.851714001671066593-ba38aed38c2bd308df567db09e555af0&zdid=533&env=mWeb

Request Chain 355

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7177176366390769809&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 356

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c

Request Chain 357

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=064e9932-3f55-42d0-7d35-1765ffd6a85c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=064e9932-3f55-42d0-7d35-1765ffd6a85c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361&bounce=1&random=2169112540 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=4cJ8T4ojxz1Q8Snhawi77e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 360

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-V7py4U5E2oo1LJKzavclVLdbVHC0et.NWQ--~A&zpartnerid=570&env=mWeb

Request Chain 361

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBytcCMETCdVXJeD3L%2BmV8Iq%2BS41iYitP1U%3D

Request Chain 365

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5pz3wADgMfYFgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 366

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=4d2e639a-73e2-4800-888b-f96db2ec618c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 367

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 368

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&dcc=t

Request Chain 370

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 371

https://pixel.rubiconproject.com/token?pid=41544&puid=064e9932-3f55-42d0-7d35-1765ffd6a85c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LBODWH56-1K-1J9U&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 372

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=04d829f4-4230-497d-a318-8bb385a64aad&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Request Chain 379

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1

Request Chain 380

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&dcc=t

Request Chain 382

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1092344996700675478

Request Chain 383

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1092344996700675478

Request Chain 384

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686791393&external_user_id=e27221f6-c1b9-44e6-9f4e-333d974a109c

Request Chain 385

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=01c3473b-bd41-4117-b860-63fb96660b83&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&us_privacy=

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECZZV2F_Vd_t8u0vVNcaLf0&google_cver=1

Request Chain 391

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPRFdINTYtMUstMUo5VQ==&gdpr=0

Request Chain 392

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBODWH56-1K-1J9U&gdpr=0

Request Chain 393

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_vMwHWymRb-80gUWDO-n8g&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_vMwHWymRb-80gUWDO-n8g&gdpr=0

Request Chain 394

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTljMjg1Mzg2MzJmYmZiNjI3Mzg2M2JlNWEzZTJkOGNmYjk1NTA4YQ&gdpr=0

Request Chain 396

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/CuVpPbDwTIozQFU0UweF58n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_ryKoFE2oI5Fod8KHoX4dWUoMRAugAS3k.jnQ--~A

Request Chain 397

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uKTM9hiKSdi5lJPMnCv-8g&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKTM9hiKSdi5lJPMnCv-8g&gdpr=0

Request Chain 398

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f808639a-73e2-4f00-912a-46dbf885b260&gdpr=0&gdpr_consent=

Request Chain 399

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5696810804952334747

Request Chain 401

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 402

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent=

Request Chain 403

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA

Request Chain 404

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent=

Request Chain 405

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdmJFN0hOT2dBQUNFQlhmV0VOZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEvbE7HNOgAACEBXfWENg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2248455061056628094&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEvbE7HNOgAACEBXfWENg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248455061056628094%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Request Chain 406

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Jhf9F5nuQKxQoXby6XAzd1LHgis

Request Chain 407

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent=

Request Chain 408

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 411

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=501187715

Request Chain 414

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaUMYnTQYaRXTXWUX HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaUMYnTQYaRXTXWUX&xl8blockcheck=1 HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=43ee062b59d8e4649865f420f463bce2&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaUMYnTQYaRXTXWUX HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaUMYnTQYaRXTXWUX

Request Chain 415

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0FAWGyL6SrqKNlaNDZoo7w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 418

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D050161B-22FA-4ABA-8A36-568D0D9A28EF

Request Chain 419

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDA1MDE2MUItMjJGQS00QUJBLThBMzYtNTY4RDBEOUEyOEVG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 420

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF8wlaZzFRnUZ7lMpQM-kfM&google_cver=1

Request Chain 422

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5702126016313188058

Request Chain 424

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5f67e7ce-0003-4c94-96f8-a167bf46eae7&bsw_param=04d829f4-4230-497d-a318-8bb385a64aad&expires=10 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 426

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFylmRhE2uU.8eh3Of7JfoKrEpD7GOM-~A&gdpr=0&gdpr_consent=

Request Chain 428

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=572c99e9-eb15-4896-adcb-cbb5e4187260-639a73e2-4348&gdpr=0&gdpr_consent=

Request Chain 429

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7994457265435861948&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 430

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce4e9b25-91bd-4778-a5f6-1a6678b560bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 431

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1092344996700675478

350 HTTP transactions
83 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
buhgalter.com.ua/
Redirect Chain

http://buhgalter.com.ua/
https://buhgalter.com.ua/

105 KB
29 KB

262ms
138ms

Document
text/html

136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://buhgalter.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

136-144-183-196.colo.transip.net

Software

nginx /

Resource Hash

1d4f265537a0fe0a2d8c8518cb6c450960e8099dbf89a344535f25ccac8ac344

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:48 GMT
expires: Thu, 15 Dec 2022 02:09:48 GMT
last-modified: Thu, 28 May 2020 12:12:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 15 Dec 2022 01:09:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://buhgalter.com.ua/
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubdomains;
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 94 KB
33 KB 114ms
113ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Fri, 25 Jan 2019 12:46:20 GMT
server: nginx
etag: W/"5c4b051c-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 64 KB
18 KB 244ms
114ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 20:13:10 GMT
date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
server: nginx
etag: W/"636028ae-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 main.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
8 KB 123ms
119ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/main.js?1665486999
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:16:39 GMT
server: nginx
etag: W/"63455097-7b37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 advert.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 124ms
120ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2016 08:07:56 GMT
server: nginx
etag: W/"5857955c-947"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
798 B 115ms
114ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 11:14:45 GMT
server: nginx
etag: W/"620cdca5-90d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 185ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25ac498afc5276fa8ec59f6357c58415499286f3dd7e5638ceee497dc46e6fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43611
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 01:09:48 GMT

GET
H2 200 config_accounts.js Show response
buhgalter.com.ua/assets/templates/base/js/ 676 B
885 B 124ms
121ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Thu, 11 Nov 2021 09:07:41 GMT
server: nginx
etag: "618cdd5d-2a4"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 676
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 all-sites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
7 KB 124ms
121ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=20072022
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 07:26:46 GMT
server: nginx
etag: W/"62d7ae36-7c31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 14 KB
3 KB 70ms
69ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 15:42:50 GMT
server: nginx
etag: W/"635803fa-39e0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 sockjs.min.js Show response
cdn.jsdelivr.net/sockjs/0.3.4/ 33 KB
12 KB 147ms
53ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23209854
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-lcy19241-LCY
server: cloudflare
etag: W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN%2Fxo45rhTTEcE%2FHUiMEuFow1BzNv58KdwUAan5pjn%2FeYxYr4Z3RGz7D1UpCeUapXPx0mT82fUH%2FrzZ7rCh%2FX9qswVhZ02f%2Bkx%2Fpj6WtUAF7mfmm66Vv2esUL7ydarDhEjHcyXTTKpzbu7ngDpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 779b4bc439ae8e2a-LHR

GET
H2 200 subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
817 B 70ms
70ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?1665485092
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 10:44:52 GMT
server: nginx
etag: W/"63454924-72c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 bcom_logo_footer.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 125ms
122ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/bcom_logo_footer.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Tue, 25 Oct 2022 07:24:51 GMT
server: nginx
etag: "63578f43-25e7"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9703
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 payment_types.svg
buhgalter.com.ua/assets/templates/base/images/ 3 KB
3 KB 125ms
122ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/payment_types.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:26 GMT
server: nginx
etag: W/"63578fa2-c9b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 footer_logo_forum.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
4 KB 126ms
123ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_logo_forum.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:44 GMT
server: nginx
etag: W/"63578fb4-1554"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 js.cookie.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 64ms
59ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js?1651056762
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 10:52:42 GMT
server: nginx
etag: W/"6269207a-690"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 201ms
70ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16824
x-xss-protection: 0
server: cafe
etag: 9000569688538989929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 01:09:48 GMT

GET
H2 200 chat2.js Show response
buhgalter.com.ua/assets/templates/base/chat/js/ 14 KB
5 KB 126ms
124ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Fri, 06 Dec 2019 12:43:42 GMT
server: nginx
etag: W/"5dea4cfe-375c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 favorites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 5 KB
1 KB 71ms
66ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:16:23 GMT
server: nginx
etag: W/"5c5bf767-140a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 ads_remove_popup.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 72ms
67ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:14:29 GMT
server: nginx
etag: W/"5c7e2fe5-c04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 analytics.js Show response
buhgalter.com.ua/assets/templates/base/js/ 9 KB
2 KB 73ms
68ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 13:17:17 GMT
server: nginx
etag: W/"60f186dd-22ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 content_breaker.js Show response
buhgalter.com.ua/assets/templates/base/js/ 785 B
994 B 74ms
69ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Thu, 02 Dec 2021 17:20:38 GMT
server: nginx
etag: "61a90066-311"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 785
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 check_access.js Show response
buhgalter.com.ua/assets/templates/base/js/ 302 B
511 B 74ms
69ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Thu, 02 Dec 2021 17:16:14 GMT
server: nginx
etag: "61a8ff5e-12e"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 302
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 75ms
70ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 11:00:26 GMT
server: nginx
etag: W/"630c9c4a-12ce"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 accounts_manager.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
740 B 76ms
71ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 07:56:35 GMT
server: nginx
etag: W/"600e79b3-609"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 ads_turn_off.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 76ms
72ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1661763183
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 08:53:03 GMT
server: nginx
etag: W/"630c7e6f-b0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 lw.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
834 B 77ms
73ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 15:15:02 GMT
server: nginx
etag: W/"61def076-73c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 wrapper_hb_299506_4371.js Show response
player.adtelligent.com/prebid/ 2 KB
1 KB 192ms
56ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19341
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 01:09:48 GMT
date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 01:44:07 GMT
server: nginx
etag: W/"63914167-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
72 KB 255ms
138ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

463bfa0e94e1405a4e865713ee334314aa7d4c39fdb4ac12c07134ae35797cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73285
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 01:09:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 191ms
67ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 01:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 23:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 01:09:48 GMT

GET
H2 200 resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 4 KB
4 KB 107ms
106ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Thu, 17 Jun 2021 10:19:17 GMT
server: nginx
etag: "60cb21a5-f41"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 3905
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 183ms
69ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
x-correlation-id: 25f3ebd36e9d14ce44f1b897649ab274
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 hbw_release_299506_4371.js Show response
player.adtelligent.com/prebidlink/19341/ 127 KB
34 KB 158ms
157ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19341
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2529114a46f3952987efa80e97724451fc5d840998c44229a286aa7e91760e25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 01:09:49 GMT
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 01:43:30 GMT
server: nginx
etag: W/"63914142-1fac6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 hb_299506_4371.js Show response
player.adtelligent.com/prebidlink/19341/ 350 KB
108 KB 203ms
202ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19341
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e4d808bad95e4317de730ff30cb286cbe71f03a65d49d59b65bfc8c58bbc1ffc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 01:09:49 GMT
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 01:43:30 GMT
server: nginx
etag: W/"63914142-57680"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 178ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1422 / 310 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Dec 2022 01:09:49 GMT

GET
H2 200 logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 61ms
61ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:48 GMT
last-modified: Thu, 17 Nov 2022 11:31:17 GMT
server: nginx
etag: "63761b85-25c4"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9668
expires: Thu, 29 Dec 2022 01:09:48 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 176ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

937a606b62cd79020f88acd43058ffabf9653ab56eee87f6c1dff4a78a66a130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 01:09:49 GMT
content-md5: i3U6gYFZY4k57YTDTWQOQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: suEdwxS8JNcmGAyyB852Bj0p2LtKKJKaIXmEJpbIdtQsYNJU4Qh/bXssUaPnyIm5Nfeza81kbGCB4ayF92H2Qw==
x-fb-trip-id: 917726464
x-fb-content-md5: 75cffe0e97906c6c801211d6a03ebf12
cross-origin-opener-policy: same-origin-allow-popups
etag: "553da4ce907273b8b65c8c953834f634"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 01:20:24 GMT

POST
H/1.1 200
OK add Show response
analytics.factor.ua/analytics/ 0
242 B 463ms
325ms XHR
text/html 95.170.82.90
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.factor.ua/analytics/add
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 95-170-82-90.colo.transip.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Thu, 15 Dec 2022 01:09:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 z Show response
s.zmctrack.net/ Frame B342 50 KB
23 KB 353ms
165ms XHR
text/javascript 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 93ed0fdfbb18dc96087612576338123c4042c8f2faa0178cb279a10ea54db66e

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23450
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
jsonip.com/ 147 B
448 B 921ms
202ms Script
application/json 45.79.77.20
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonip.com/?callback=jQuery1111012655873414389074_1671066588718&_=1671066588719

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.79.77.20 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1176-20.members.linode.com

Software

nginx/1.20.2 /

Resource Hash

a8e029e3c59f822df699fa3b2537d29de79b57e05c07abf7c02e86381c18aadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:49 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 acceptcookies.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
744 B 60ms
60ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/acceptcookies.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:17 GMT
server: nginx
etag: W/"636283e5-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 acceptcookies.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 60ms
60ms XHR
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/acceptcookies.js?_=1671066588720
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://buhgalter.com.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:31 GMT
server: nginx
etag: W/"636283f3-ba8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 849 KB
458 KB 63ms
62ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 10:45:44 GMT
server: nginx
etag: W/"60e585d8-d4267"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 favourites.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 124ms
121ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1665487532
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:25:32 GMT
server: nginx
etag: W/"634552ac-15ec"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 3 KB
973 B 124ms
121ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:49:34 GMT
server: nginx
etag: W/"5c7e381e-a18"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 149ms
55ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3V161PYDH4JC447N
age: 118127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GU1A7f7xIC5K5fv7tW4nNDeUHBTXd8vi+WvxqG8sJMJeUO0gVdaFjMTn9yZcKSDFIiC0DIpWKRE=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwKAHlQMTqaEnSI96LpbngvoIWayaBxtFNWSvAkARLcNAwNipEZ6E7liPxRez3WGkqi6VQFYCuKS%2FPA%2FKlsbUvrTff7jeKf3HsChhhjh7ec9m0uuiaIcL9BGIIsshZaenZb6pCVaWT05nVN%2FUYVLqIUY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 779b4bc6389472e4-LHR

GET
H2 200 media.css
buhgalter.com.ua/assets/templates/base/css/ 121 KB
42 KB 123ms
121ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 09:07:04 GMT
server: nginx
etag: W/"6360e1b8-1e459"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
784 B 123ms
122ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 12:00:31 GMT
server: nginx
etag: W/"5d1b475f-656"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 12 KB
6 KB 123ms
122ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?1629355568
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 06:46:08 GMT
server: nginx
etag: W/"611dfe30-2fc1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 2 KB
1 KB 190ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1671066589049&cv=9&fst=1671066589049&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57fb8dbf805f4ef6f98ecb285fe1a059799810678c0c589dce03a14c00a6098b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 976
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 175ms
53ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 23:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 15 Dec 2022 01:24:37 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame 04D3 621 B
761 B 188ms
57ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 01:09:49 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1rgUG6c7/EqLhAg
x-77-nzt-ray: 25b02131b698961bdd739a638a579d0e
x-77-pop: frankfurtDE
x-accel-expires: @1938085067
x-age: 48341522
x-cache: HIT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 2 KB
2 KB 135ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1671066589099&cv=11&fst=1671066589099&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af3cdf289b70a8a5e93335d93422a5382298d567a49357000d0caee0cdc7d002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 917
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 183ms
107ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37da347c659368788bc175b4e7a2d04c02d21ce8295dfa6a94ec22e39a16fa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 01:09:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83b1d8d20ebfbcaf63853a41a115073a07c52e3d46d8202da03c6f4380761f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 01:09:49 GMT
content-md5: 18GjBFC1gk5OMoUyhMBaJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: JEEOxA0juMl5Gput/9TOV5BgzzWpK9lZkTP1TyLt61bU+H95LAPcsc5iBbTLBuTMctnjM1xKFA5YLOz5naqyaw==
x-fb-trip-id: 917726464
x-fb-content-md5: 30a601014f48469010b9dcbe34890afa
cross-origin-opener-policy: same-origin-allow-popups
etag: "9b26d1cdb3d52ddf0a8c1405df9278f1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Dec 2022 01:28:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 01:09:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6qcw12qKUAVz9Jh9eKibEaJ9e9vBj3heReUZ7CBbs0+mj/pL7+NFmgyiJJSnDVktJJPMGuLW5maWxqUqELiahw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7753c6ffe72748466fed6e2038cb9a3262861494b5e8ac0de2616b6d4dd04077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 01:09:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 177ms
58ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1671066589132

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 01:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 134 B
406 B 194ms
52ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8deb67254751f43461a98ec68fecb5e540791222bef1d4c6fe182a6e18d3a0e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:48 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
433 B 195ms
53ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=odwgd7.4p&features=147488&vpbv=R098&tte=235&lifecycle_tte=962
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:48 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 186ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 21:38:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 287 B
763 B 184ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Thu, 15 Dec 2022 01:09:49 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 424 B
624 B 63ms
61ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
last-modified: Thu, 28 May 2020 12:05:04 GMT
server: nginx
etag: "5ecfa8f0-1a8"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 424
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 fit_logo_site.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
2 KB 64ms
63ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/fit_logo_site.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 10:17:26 GMT
server: nginx
etag: W/"62dfbf36-12ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8ee6435761532684a8d1d79368bfadcc4ebc56c653721a4c2a3e649b69922df

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 337 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26a3f227747bef076f84745aff171a08badd022bfbe1f74197dbca9bc443354b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 104ms
54ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6H6C3R5B5PTX03HB
age: 178889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74288
x-amz-id-2: 4CfMt4T96FSfmiPnQCQ7dItyMWREzLbyG/NN1tHruKRgYNmZFjd660B2MpmX63q7lw7HKyOoPl0=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO9Fr2M3U5vgJ1pzI3J9ZAiNLuQ%2BW0dAjUMgKUKdAj1RxesrFxZ9LSPvJP3PuIHcT5PQK6aTTT7pRiUVKwFX8eHPR3ZVvMnF562nB4%2FFUBbo0K37k8jJKV5AqxzmQpSvRJa7e5Lcaq2ot3DY25ICjE2e"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 779b4bc74c1a886e-LHR

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 15 KB
15 KB 192ms
139ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 20C07W3Z6S4Z9W9V
age: 606911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14872
x-amz-id-2: tluJHWNjgH7DiGcr9eo/CfS0xx3nju7BtZSGuY/tnbBgLg9JYpgbZs9SkqNpAWidE7a0sAbxygI=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "4b218302f9057d02864d4909661831e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65qTJORH%2BtxcdgmqSaDNZip54l2IC%2BbcQZsd9BKq01PWqr%2FM0aRpzKw2qe76koJw1%2BwcJQqKqe9zD6tnVLlmK3DT%2F9eje9ljRNeZ5V7kkYxmnWW6j%2BDSQi3zs5E2nZXpOvJ4SWLhBv2eW%2BKDuYKDd%2Bxa"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 779b4bc74c1f886e-LHR

GET
H2 200 user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 631 B
831 B 67ms
65ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-277"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 631
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H2 200 smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 816 B
1016 B 67ms
66ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-330"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 816
expires: Thu, 29 Dec 2022 01:09:49 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
87 KB 125ms
63ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=92d7979255747a3667b026ab5e003223

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ec634f8aefa36b17286a364f9fcfeec31beffc07a283feda4a200e0e332e6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 01:09:49 GMT
content-md5: E50gQnfCfLlUPhvutVcDOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88620
x-fb-rlafr: 0
x-fb-debug: 3tfpmXB10yMnp3EEW64y4Ex8hmL0TlS8i20u/NCgFat/o+mSNhmSFZiU1ZeRxByyjPy7kwUPgzOnjQezzkM+iw==
x-fb-content-md5: 0992858da3164d60771e9d24c9f77081
cross-origin-opener-policy: same-origin-allow-popups
etag: "e322a9d4e8994e1ebc64cdee03e28515"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Dec 2023 00:35:37 GMT

GET
H3 200 1495025544106981 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 157ms
97ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1495025544106981?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35e7f8f7928b3e3d000f44bfb363c048fafc63acc19c02dc05345eec924a271b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 01:09:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XlglzWmm4DSDylMRrKqXd5OxSsp1fwvvWY+P2ivue5rFeQH5u00TTfgPEvrqlrIAwzKNvAJvcT6Vnbtm8MTcuw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 189ms
64ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oebu0&_p=1157599031&_gaz=1&cid=245198460.1671066589&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671066589&sct=1&seg=0&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 172ms
56ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=245198460.1671066589&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 200ms
73ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=245198460.1671066589&gtm=2oebu0&aip=1&z=435701159

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/977649145/ 42 B
548 B 203ms
68ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977649145/?random=1671066589099&cv=11&fst=1671066000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=3228859011&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/977649145/ 42 B
108 B 100ms
74ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/977649145/?random=1671066589099&cv=11&fst=1671066000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=3228859011&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975200280/ 42 B
108 B 198ms
69ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200280/?random=1671066589049&cv=9&fst=1671066000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=370642319&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975200280/ 42 B
548 B 86ms
67ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975200280/?random=1671066589049&cv=9&fst=1671066000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=370642319&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 182ms
62ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1157599031&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABRAAAACAAI~&jid=1144628663&gjid=598324234&cid=245198460.1671066589&tid=UA-35985798-1&_gid=1857449955.1671066590&_r=1&gtm=2oubu0&z=632608435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 171ms
54ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1157599031&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4CDACUABRAAAACAAI~&jid=&gjid=&cid=245198460.1671066589&tid=UA-35985798-1&_gid=1857449955.1671066590&cd2=%D0%BD%D0%B5%D1%82&gtm=2oubu0&cd1=%D0%BD%D0%B5%D1%82&z=927658493

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 1 KB
794 B 47ms
47ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=443991
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4b0f35f95fc755a668df4a9a4523b3d1bc4af9e5cd0d625ee25dfb8359e0897f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:48 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 483

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 151ms
62ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1157599031&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=926896525&gjid=1417111425&cid=245198460.1671066589&tid=UA-53572572-5&_gid=1857449955.1671066590&_r=1&gtm=2wgbu0WVLD3W&z=1722504695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 130ms
63ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1157599031&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=376353454&gjid=1607300621&cid=245198460.1671066589&tid=UA-35985798-1&_gid=1857449955.1671066590&_r=1&gtm=2wgbu0WVLD3W&z=1779381619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 307ms
86ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=bde0908c406c388f&d=buhgalter.com.ua
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 01:09:49 GMT
server: openresty

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 62ms
59ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 70ms
68ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299481/ 2 KB
1 KB 173ms
57ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: afe20a28083424f3ba1db21be7e5b560e56df65d5722ecec0e163abffb442a47

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 17 Dec 2022 01:09:49 GMT
date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 12:01:13 GMT
server: nginx
etag: W/"63986989-8a8"
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 188ms
63ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 181ms
62ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 690 B
386 B 211ms
92ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2406569675175663&correlator=3899453243291251&eid=31070872%2C31071221%2C31061166&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&didk=1293715577&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1671066589759&lmt=1590667965&dlt=1671066588588&idt=1066&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2822&msz=1920x-1&fws=640&ohw=0&ga_vid=245198460.1671066589&ga_sid=1671066590&ga_hid=1157599031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3233a6485acc4ec5fde5863aab9239b6440bf1cf57e458b2307f5f05dcc715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 550 B
313 B 213ms
95ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2406569675175663&correlator=2100776615975412&eid=31070872%2C31071221%2C31061166&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&didk=607409652&sfv=1-0-40&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1671066589770&lmt=1590667965&dlt=1671066588588&idt=1066&adxs=0&adys=2823&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2822&msz=1600x0&fws=0&ohw=0&ga_vid=245198460.1671066589&ga_sid=1671066590&ga_hid=1157599031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e7459cc0f9e8b4c539ebbb3da87f4fb2aadbcc26f12fa542c4156a887fc468d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E563 6 KB
3 KB 236ms
62ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:49 GMT
expires: Fri, 15 Dec 2023 01:09:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET 981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 24A1 0
0

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame EB3B 37 B
140 B 178ms
60ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 15 Dec 2022 01:09:49 GMT

GET
H/1.1 400
Bad Request 8d39819b61aa03f45b0ece15913fb28c.gif Show response
sync.kiviads.com/ Frame 15F3 20 B
197 B 537ms
119ms Document
text/plain 80.77.87.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.77.87.114 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 15 Dec 2022 01:09:50 GMT
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H2 400 prbds2s Show response
rtb.gumgum.com/usync/ Frame 9E0D 66 B
135 B 186ms
54ms Document
text/plain 52.18.174.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr={&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&gdpr_consent={&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&us_privacy={&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.174.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-174-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548380e122d803f48793944b0647688a3ca81ac214f1865ab2c5f54c07bdb4f3

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 66
date: Thu, 15 Dec 2022 01:09:49 GMT
server: nginx

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 602ms
186ms Image
text/plain 209.191.163.208
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Dec 2022 01:09:50 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037

0
404 B

490ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:50 GMT
Server: Adtelligent
Etag: 39ceda586c0ef01b
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037
date: Thu, 15 Dec 2022 01:09:49 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=1144628663&gjid=598324234&_gid=1857449955.1671066590&_u=4CDACUAARAAAACAAI~&z=2129291314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 169ms
57ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53572572-5&cid=245198460.1671066589&jid=926896525&gjid=1417111425&_gid=1857449955.1671066590&_u=6CDACUABRAAAACAAI~&z=260453337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 157ms
57ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=376353454&gjid=1607300621&_gid=1857449955.1671066590&_u=6CDACUABRAAAACAAI~&z=1381703223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 01:09:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 120ms
54ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1671066589835&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671066589833.1470394213&it=1671066589366&coo=false&rqm=GET

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 01:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 119ms
56ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1671066589838&sw=1600&sh=1200&at=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 01:09:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
697 B 71ms
71ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: dd4854435065d48731b98521609df5871811b42678e96969ef0dccdc4432c853

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Dec 2022 01:09:48 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 386

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 1 KB
615 B 183ms
71ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5a1b9d6d1b5dc426eab22aeadcfedc4778b00e8c23a11b080ac0aa1b6018f367

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Dec 2022 01:09:49 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 304

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
932 B 269ms
147ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80c6347d3180d4cae140a9662cb207dd88a30b5cb41e860aa4e3201f1aa61d6d

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 15 Dec 2022 01:09:50 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250...
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250...

581 B
996 B

53ms
52ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=e3415b79-cd05-4e4b-84d3-010ed87fe589
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: 8a82709cbed53757323e79a428da4e82560cd950d67a23bca49ede0801cdbb98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 01:09:50 GMT
date: Thu, 15 Dec 2022 01:09:50 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://buhgalter.com.ua
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 581
x-sid: AMS-936

Redirect headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://buhgalter.com.ua
location: /hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.9799779929174219&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=e3415b79-cd05-4e4b-84d3-010ed87fe589
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-936

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 312ms
143ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
406 B 402ms
283ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
via: 1.1 google
server: nginx
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
570 B 238ms
139ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22367a1f882a0f36a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22381a870b6a13da7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner%22%7D%7D%2C%7B%22id%22%3A%224153a2a993fa143%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom%22%7D%7D%2C%7B%22id%22%3A%2247db9795ef6b9be%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner%22%7D%7D%2C%7B%22id%22%3A%22529ce3c709fa74d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner%22%7D%7D%2C%7B%22id%22%3A%22535e9dccf1df5c3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e3415b79-cd05-4e4b-84d3-010ed87fe589%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e43e7995a86f38fd683b9cd0ad1a12f911969dc1b58c302e95682c89124d61

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnWB%2BzpE7MdNKlOPneMe6MX%2BQJSxwNPfGLJ1%2B9ohvJcn41g8YEwDFkn5zoWFYSlpLsxDjvgG5XP%2FgYBRJscP6l2CwlZm3qUZyhe%2BKAH6nrmJl6oLjUiGK1jTWxu5mjw6gFo%2BRI7a"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 779b4bcb7a0376d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
677 B 307ms
118ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&gdpr=0&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=6d1e59e7-e389-46c6-bd7a-8d6ba0342fa6&l_pb_bid_id=55484cdeb8fc56a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.3488327727502212
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d6b2aa7cacca20fd34241e7282178408115655af28e7c5f668d33093473d0a58

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 343
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
645 B 305ms
117ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&gdpr=0&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.4&x_source.tid=d2f1c82f-d16b-49a3-8ef1-9c9248b3dc4b&l_pb_bid_id=569265b7210cb7d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.03844941100348587
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 985b3bfc35b7c9e0a5e686fdd4a251828b4e2599cee09b057167c552a685f319

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 311
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
657 B 303ms
115ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=2fae4d9e-45be-4bca-84a1-678a31fe103c&l_pb_bid_id=579dc4e88fdbd84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.9959389783602699
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6e2665418e0df34ced2de716737db5950a9568a1057d4e8f31e2d2ff3a863ef3

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 323
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 321 B
882 B 301ms
114ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=74ce4792-f714-4465-be3c-0732879ac07c&l_pb_bid_id=586c5564c7e8793&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.9103921792357486
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 775d443b7e2675d3902ca99dc88b89439ad04cef38d641b7b33a3e0626db1174

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 321
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
666 B 303ms
116ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&gdpr=0&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=830b37c9-c835-4134-8f39-482a11e901de&l_pb_bid_id=59d7feae4cdeb5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.3470553528208613
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eb590b7254a384bfc0df1b77c5f86bff593451eedfb77ec7e98de0e8f7718d70

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 331
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 353ms
200ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 83523c345859644189806baf5aadeb7c5817c6e351309f472c47e0aa3f152470

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 224ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 208d7670bfbcfbda1c4e41b34ad00bb0f55458ac1e390bfde7f3634129a37178

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 262ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8173e00067&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4add04572e7373a6d6e2f12ab6104d0095d40b254dca097bac3da06fa2ba249c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 226ms
74ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5b733c639ef5297518e0114f568394da68c7a86ff1d02fa96a8df46c71a53ed2

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 223ms
72ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 992827ede07d6866de2e1f02fdd6fc5d09040009cbed9474a9c93b53d754f33c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 220ms
69ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dff58454aec949f0389c068dddbb9f134997ac75c1d8a673d554bd83534e36d5

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 224ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a8550a94685f06ab1aef92ea68d8fe7e47237beb1bb95334f25a4f36463bb809

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 217ms
67ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad8103460074&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 19f6c9e8bd713bf7286b327a846117f7fd9fc83a898664d89335b06dcce67450

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 268ms
119ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad829262007e&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 607d0422a5347365b22aef6d939cdac218c2f94d29b151bb45f406e1f5776a3f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 267ms
117ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7f0d58f8de983038fc2e9611c2a5125438cca28c3f970fe033f15917ad688e16

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 269ms
119ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e04a21817c4abe4d43fa4b2858c3e469b5da139742bcd6a6261ad6592f078b23

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 266ms
117ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4eb180eb069de31197b52541710c9a40f3d060fdfd032dac515efd1ad7b524ef

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 390ms
242ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5df1c782e6b4c31324e47bf91e7e8084ab9e1ca64f99b74e811e1ee6249d5f47

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 263ms
116ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84e4b00081&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1aa31ba22434cb7026165d529ff0d24580e0dafaf3310ecce65bd8785e8142b9

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 268ms
121ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b332bf092a6ec4e18066cd5474c3b23c6d707287102de240eb9c1bd21ea1a1ac

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 298ms
152ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 92f92a1ebc824f2525cb1842c197af9e446817fd691f893de3426995a81f6fd6

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 288ms
142ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 44730f760642d44ee6e109005f57f7e72d802e872ff66ef86bf9c81a0e8b2bdb

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 260ms
115ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 76576793bc91f4453395c874e246782c27c68e96e7ba20b97770051bbb05a0c6

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 273ms
128ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1430ea5bee9ada7f0ac31c257d07e39063fa5ef2a2b0dbc8c5bbc59f5b275bae

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 279ms
133ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b85d7fa055e8b665569d2d787b707d7a97f2be2d74571a62349a94cbc54a29e4

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 269ms
124ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5d3c11e85a33eaeb4a97b508eaf47b37b5a6a2b02dcb0a51d073e66987efe795

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 288ms
143ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1b5d93c7fde9494b51649178dc37a45611b2578dbe1d7e851077f711cb377154

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 275ms
130ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 63354c29108539d0f4a83da6b7e76c664d7fca30f74b1a897994f1ce1e52e1d3

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 281ms
136ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 56de3400b5bd516c0c4f1b166e6d15ac0fd56a6fbf69b1d5c41e214b09a7468c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 276ms
132ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1c31b93ae89d6a88250940037e9c66ac3007045ed5e421097534ab301a47b031

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 280ms
136ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3ef4dab451e8353a9e8c16f22a793e446a8b540d5076c28e6f8cdc16dbb39164

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 279ms
135ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3a900e01d0fe1aff657c4bd76b444d95a928d4212f0ca42f93ec2df924353981

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 266ms
122ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e4c0f1f5cf1875367cc8b71351f8c98ab96a6eb94dd3143174aec93d16deb57a

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 493ms
350ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c726060f1620cade494fe569028becc09f3b85f736740ed9bf5fe05d43b8d809

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 284ms
141ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4b433c028dffa29bd11b814dc7818c0e1ffb5a35e5d06717d8f5d6665903498c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 274ms
131ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 81176c534052a3626cda2890a500863f570d84e5c4c0535c71c441442e143a37

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 277ms
134ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b69fdfa4e18734db7fededfa6c5c66f51d4a69abbc4c14086904dac3282a82b9

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 272ms
129ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ee536e5369e815ef105334cd9b44dbd9ad3a9a0f107756a2aa40085075b7dace

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 271ms
129ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 82e668b64963f64e2024d3aff5c6d69b9c603717cf22d3f001d0011e7641d467

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 338ms
195ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad851b23006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 0a3e02b46fda4a5716fc628ae07ae1b5661f5b7155282103f0c64d4ba912394a

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 302ms
160ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dfc9e310e3e2c3214a7d741b07c5c0a9bbe19e3aa3fb8371019e09c518aebe62

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 183ms
53ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:50 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 313ms
65ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=98159841196

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 338 B
672 B 306ms
138ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=6d1e59e7-e389-46c6-bd7a-8d6ba0342fa6&l_pb_bid_id=110e4483657cf2b2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.2066074122976631
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5d594ba26ee416b204c8a7929d69d39e29630ecb77b3e086d77e0d810bc2083c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 338
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 310 B
644 B 285ms
117ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.4&x_source.tid=d2f1c82f-d16b-49a3-8ef1-9c9248b3dc4b&l_pb_bid_id=111988f6b43ea026&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.34864516134002543
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dd93828e32c2bb1f749cf9b3744181c7788a3fd20ec69d807a373e2015fae631

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 310
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 342 B
677 B 301ms
133ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=2fae4d9e-45be-4bca-84a1-678a31fe103c&l_pb_bid_id=112066b8ef559db4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.8279962233851828
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4525487494301ffb0f55f67d2aa50d686f513dcf900c8bf54c35fa5f3fffcd1c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 340 B
674 B 352ms
185ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=74ce4792-f714-4465-be3c-0732879ac07c&l_pb_bid_id=113f63646d1a5d82&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.3485554249744538
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 067c05e2c7753d239ee78b17453d28e62eea2c94f0bc9a3f79a66260cbc44bd3

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 340
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
664 B 346ms
178ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e3415b79-cd05-4e4b-84d3-010ed87fe589%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=830b37c9-c835-4134-8f39-482a11e901de&l_pb_bid_id=114abb9b4b7c809&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.47003506990052046
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 62d2676484e2e6f0f9b3b10c8f12b5d23d73af1494de32cfb6d36da94a698992

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 330
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 25 B
241 B 445ms
149ms XHR
application/json 52.57.180.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.180.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-180-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6556bb5bcb9f747306ab57541a8a3c4827df131c381bd1003b950888de5fde82

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 50
content-type: application/json

POST
H2 200 z Show response
s.zmctrack.net/ Frame 6F32 102 B
451 B 87ms
87ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d92d296d6911b11f67b74a7a40064dc8b9e6d28084a25146302969da82721a30

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 01:09:49 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 222ms
97ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=1144628663&_u=4CDACUAARAAAACAAI~&z=1992508246

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 223ms
107ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=1144628663&_u=4CDACUAARAAAACAAI~&z=1992508246

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 215ms
97ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=376353454&_u=6CDACUABRAAAACAAI~&z=200531469

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 173ms
64ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=245198460.1671066589&jid=376353454&_u=6CDACUABRAAAACAAI~&z=200531469

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 213ms
96ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=245198460.1671066589&jid=926896525&_u=6CDACUABRAAAACAAI~&z=1320852522

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 215ms
107ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=245198460.1671066589&jid=926896525&_u=6CDACUABRAAAACAAI~&z=1320852522

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 51ms
50ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 20CDXA14PDEEJBSQ
age: 607400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: m/wmN9HcgA0S59q1Wk0GMYyqx2f0JDH4ZLC0NrNYFFYG9UkwycSpdRsPzB7yJP3slizU3eibFsw=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUNqovwMeb38jCBW%2FfUQvbZqMOP7k9oj6S7l7I2tshUjjD6yyIZlc4ryWq3El5%2BTYa0g4mfb5K%2F2%2Bx4CQZFAdhrzfc4ROiekakHYQteJKuJnirLLJAq2bATQa9O6Z%2F%2BW3SPDqiT%2B9lQ8dxAQflTcngIZ"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 779b4bcbff2a886e-LHR

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 489 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1000 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 1 KB
1 KB 71ms
70ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
last-modified: Tue, 13 Dec 2016 08:59:45 GMT
server: nginx
etag: "584fb881-490"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1168
expires: Thu, 29 Dec 2022 01:09:50 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 181ms
53ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 17965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:10:25 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A8D0 0
15 B 54ms
54ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://buhgalter.com.ua
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://buhgalter.com.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:50 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 180ms
63ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 173ms
64ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
22 KB 449ms
449ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2406569675175663&correlator=3498676228479831&eid=31070872%2C31071221%2C31061166&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&didk=2486344417~4277630285~2963346524~3126075531~1899677630&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D9d9abc8fd40be364%3AT%3D1671066589%3AS%3DALNI_MZtqx8GguZ40Ds7aVDa11jq2KoV6Q&gpic=UID%3D00000b92a543bd03%3AT%3D1671066589%3ART%3D1671066589%3AS%3DALNI_MZ46AxNaeYTwK0lM9cwxcudp8anHQ&abxe=1&dt=1671066590405&lmt=1590667965&dlt=1671066588588&idt=1066&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2527%2C898%2C1393%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=245198460.1671066589&ga_sid=1671066590&ga_hid=1157599031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71fc757e22b129ab13e9544ee9d197a52cd4e69524302c44f6588b8117ad2fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22025
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95F3 6 KB
3 KB 170ms
54ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:49 GMT
expires: Fri, 15 Dec 2023 01:09:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B82B 6 KB
3 KB 168ms
57ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:49 GMT
expires: Fri, 15 Dec 2023 01:09:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1254 624 B
242 B 183ms
67ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNVPKINiO9iDfEpaCS0x6hoBsHUxDib-jBxCmiqkEkgKdUK4VH3OK1poZENYUZEkLGGrk8-AgT4UBbcTI6LhqdLHkAoY2XLivwe-t7ivTJe4UtAVRjGRbP9oBJy-Xsv_A47nsz88OPXYoNLxStuju02jC278Xnj84Vad4bUeaL0yqNFXqFY

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 95F3 64 KB
30 KB 204ms
89ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwtBApcGdTXyGDkL2ZY1MFlKU6JOEC572KBcO0ljrVHpLm47NjuTq4pOSJ2M03w_O4vzpchkpbVLTHLQgTeQPnuaLWGQ&cry=1&dbm_d=AKAmf-CbyEGTZJQitA2wQEoXttjWhhfNO_du42LYe0TGg6ZEzZp1kIQK62bwOVw5jbxRwF9HpeRTDmUrEba6OJ4Vjd9MUoPT-pL0WO0XN9xx2XHazn230H1wR7ef2SaA1KA8HWvwK4_ZnbJ1prdWipjBhIn3HBsUMOI4P7EIoFllrFHUrg0vrFJDa8G3IC1qOTVHvUvp_hrhuABdMEEmGGg2-ZrICI27XWhQ7NXW8D3Z87r-4L9sE4wawGsX_c446LqQI1OMy4SQ7OL7tA4xAudkQTjoQTV4Xe66UXHsbouMKb5HLI7I_cI2IQKgDNbDEh8JNb6KnXAo9-cumipIJe8L3b_kmuxOx86M5hWTkVAYbTlaFQHTLaLZclA7iIqbil_ebI14gQ-UXMG-I1GuZCOtHyfE4QNlfmDoA6zug33pHwxR5pad52krmymShXAUXkZP3bmUUG86YeL32icuqmtoTdh8RkHPgNdkAiU1mWjyylrmCjs1mdV8dv6wWrceHoyt0scH6Lp7zr4cfw7f7urFHK5Y2HOizAycPNV6j_b17HPSub3FVTORa0wTDW2YCX0dAFU_0yesyrV0CNebFnmQrNgxf08PvynqrYbvlOEOJ35tmYzf5mgoxtTX3ZUWym4RwTnEVKQpMDa2CFpxsgFg0-UHbDngl5EmvydoWLpkV85E_sR4Nu4vCdncWh_A4ER-MuF-Nv0HcLf-LRE4XA4UjRHjMpvbkyoqMPO9P7AfHTVJVZTZ4AY7bpUQMphw4dwHG_STQ6u88eCCs3p1Xm2coAdQ2M35ebOZuczy_pI5oAklc4wuQ7yl8wWHgF-vndKv3-m5cdgvDS7edIfrfUxbY9sZdicUmg4BIixZ7stfdS2-pO3N0XIyIyYai-IMCdjDdcjy4WBWP78yWq1STnjVx7oj9t4sTF4XSy-DIFg42EEIfE52Vr7pNZNUavIpDELo5J9QvXYT4RewCVZHlCITAWH4_5Gf1df_pUxwyGxolpdba04X7Zzu86g8Mmzz_uRzUkuMyViPawm2GKJuWDUgVH_XIJncVmfu4uo3Up93-E1kaR_DnpzmJVAbKDbn1zHZjRmH1wT-Op0kuRtfpd_fyvwLNRCtCndPmyYJazSvhsvmMJgtkHB0DX-OFN0jbOxiQZnpaegb_tYg7pHUOoMd11u4497VeZw8tldDo5ddkwvVAqZ163jTZlbdNA43Wu9Sjm_qxSHeg6X_-uNzqMCjwKOV_UTDBHbKSYLJjt9FFjTAiRC9yp_dsv3nmX2k77Q1ccCTx9bDOXRee3KQMFmL02CaX0BPq7P5ZHa9hLHH9ckVzzTeaEtcPVMWVGJq-bYbepMmm-oqI_v-WkSKWS7HdisD9LUrclFpEV2xo_Ar0NlJqsIofQFIxwgf3vkf7uU4xeBK7E8zgKkfHM_NzFR6cH4uGKeBvF-rF8IbdBhntcF94PIhyF8GbaEgn4TAMuFVCgR3NtAmZs1g3_wqU3XhLdqjy9wC7BjP57jWCceTSaPn-9J0Wo4fNx4ZCrLPEu8KMzHUX13Oi-rHhnP5Z6jZxkbocC5rQ5pNCfDitp1U_Mbj5rD2IB04boSjrjA_eJgZ4DdsgR6CRn85AwRQYbV-zjo4UDv59ajZfPWUsIIaf4XIVb5R0MEsHSW88PdR7cyUblAib_25Hj3rqo0QpdQt0hpKIu0CY7Htd2646wvEduFjd4hZtSEPJFks06TsqA_LnNkK4W2G8xSpuaWvdZ7ltthtq4lw73gTt6Jt1G7Hw61Z9lctmtRnew4gKNOiRla47wlksBsjLTE6-pCqHjZF0-VOt0rCiroRcQw8M78tyTePNEYY6xNkJR2SyBN7twmJVCAEMhFgk4a2w8JuBHMH747rrw2NLVl-zlN6lKVP-qKVUtg595XSWWRToJhDo8mYY2vxA6CsuEv02ozQZJbOJgtDUr6mvx4rbvdCYZAZm-IVfRn_3PLNf8q9wOsgYyhICziEisIKTP_eCbcNijEKk0FxnV6N0b6-5ttdctFMzG0dJxkGO4fnSr1PNS00ANlizc1bv9iOlb13OMwZ5c3rJ5z4z3XT7T77vXsl1D237MepkG0hgksg3VgDN1cFUnOSS4PZDECJxZTynzqdW2oa_oxPmFWo8SLYmvR7-B8PIBi1trcOANpstJ0iIjXzCalh0cDFbODCTWAwPQaSGkT5nvyifquWm7eNp40L76UeUBlowiQFApwERiZqIRxdcakg3BeTFZ-Mi40PzvPjE6CIoKiQlfHT3xzU38cue8vzZoSfQQ4P7rwgwkWTxKKkCzMy-SWg9Hce3d6matgoflUd6xa4gHcXPqnUa0dosGee093I8Ych91dL-jCkRrl1y3X9R4fx_5YM_2sugyCPfU2ESt03nx9ooDVWHEtzFdw__bjp5JGHCwaAmBxgcudisqLq4cEq1LFW1M2G11P_dCvsABSsEKPJG5NRHBLs_1VOTZ8eXt3wKHQI1KriGzrAwkVGX70UamO8tvPdFKuqzPyRAJWSO62pnYHr7eAI8k5b_Yxs9SFi_2JSGxjQNAV3jh-z-qXtaBuHTvJrOhZy6y6wYUnAXEcs9Ztgcl5lsKbtPC3xgqP1G0RK7zWlOC-GLz70iI4GN3AAcx0X1gCGa3c6AIDfKdY_y7W7kUBfxu2HNq-vrRJPRL8tyeWY_wU4oLwJ6FvL6NJFhoC4LPtpE4JX03XHKwruSSwz9y4xv9wkNvCyeSjfxaRzhhYGSLt20N_3sAM4UA4vZGZoP9EpYz7fIzBYTKPh9riqWaAwerjpuY0-r1hpdJbm_gMx5DjjKbo5x1SvqUxNBBi9lRrJHNf1vzMH6VNbsXyUtlJWAkMuhd5ulshD5d05pgOQiaGtvbRvdiB1IElsqsFRrdK_sQSkNnKSqUI6UCRyyZriDfee7RrrdBOKufqVyWKUOflmQpRLVTqHn7vRPw_N5ZL_-SC8Ys-1W9u7pzVNPh2ehqQIIo2r3_i9hiG17B1_P2ogbwO0kzg6uo4g4gDkVIYMdMcpzdrNL27yWkkfnaRKosjHKJTNiVNHSHYcTEsxM41Tbpec96UgLiLC9gzACpvwVfhByQIS6zZ4rsV2y0gX1GO1nOH-SCXpu3okTw6oz_Z9WBv4JQxIiXAo4hJ1DE6JbEOuNOTk2jka8pupiZeN0C2SMWuS0JDI1V-x56P1IAC_Xgwy5MgUT7ov-f88ylxFsCk9E66DGsiqs2QcYKcsZTgAdr3V94xHprHqlNPr0UMEyb2_gQ9_MfMFUGtQG1OAxR4-hLeP1LnpP06IqM23-ODkhyO1FCqfXfwB-uxQKaO6f1yzoTju-rkFQyO6UpvJfGGQMwPERe1sZbdpn4SpV9Y8EdPXJkcFE7dAxZ__XiVGAffJ78HSvEeIV9fvb7cyu-oUiVwVMlTAbxNMkrdlP4ELH5iEY-P2SRY3zu5rqJ5e4GnoXL_XVaFQlGbVLg2jBeBpNchrWTgQ_YwZLDSvlaZHtrzGZAjId3WvtRK5n6zQVtd4z5aBk969obxmroPIFHwbYrqTVt2z0GRDCQi3Y0nf2BLB8EeXLWsjUIavtvTxZ0cicpR4AIbP&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08698275b6b0557ca70ae5f736a6c2b37299963d6765add79f7263d6cbf74a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95F3 42 B
494 B 204ms
87ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaIVUD3RjY648K0_5SUHYwjr0QoavG3KyarsjyeILVwN4_5vwDFwW4H2qLUpMRN2UrXMGxCC9U4JunX_DvL_fTZcRoddBafGmmi6ThOOn3cxGVBbI

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 95F3 3 KB
1 KB 237ms
119ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:17:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 95F3 18 KB
8 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 22:04:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 95F3 0
0 63ms
62ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjeQnGV8UwIlUN7gbu_s-Yqayi-Mw0o7zZZy5fVXTvXOKOILfQeTNC0bAjEg14QtPrt_RDSyDOQV6Rxei6jzKM9_X73A
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95F3 153 KB
47 KB 191ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 95F3 23 KB
9 KB 176ms
59ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:26:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2FDD 624 B
242 B 172ms
68ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGN7SzdsBMAE&v=APEucNVIpNbFxY3XVgj0D6OW8APmq_G_DFt8JYCcoBAjF2M8ZiaxduZv6IK5Mt2XKEYRuHXkC85G7SIIxWnBzxfxBc6cNzh79JO20ZdAcgxNTNcchusNqd7pU9PmFhqIMP5X21apEv5-aYYJEKYIi8VJas6r-zmhMtzyGl4G249OTESzrdemTJw

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1FCD 80 KB
34 KB 225ms
122ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyWwIB2j41Fb7-zd3NPXRjBFOpZrKzAJWSv6tHIALYxwuijKViBU23JvGMJKqmGtM_6UOvX6VEvNwObjeN3mLyQfMAi6Vl-Ckuy4nWOGVpaTQKe23axj2h4JdtGQq-rqIQBJkOWrgaeBpukumvBg5dX1GZSpWab2jStOnJ0ZcPK5NDbPs&cry=1&dbm_d=AKAmf-BMRSkxFMq2NwclizECFNWC8FEsXjRCO0NA0cxXVmJtXtmbiqPFcN-vVR8JL0pr2dxJE4_fU2sT-kkmJfVaf1PzDX4DbXKJEh61c6WMhUGicXlXmoE-Bv0d8onSl_PG4sIIqi_F8jJN5pTje9LVigyB87WFB7I3uC5aNzZsMcgZOagGhCTkX-t4hqtkJgblI3ge82OO0WAgeRCOxkkLvuEKnqkv7pp_qFK6uTE9ZOlqrWHDd5v-kMuZYDYiq-VerS-Y1PM5V5v-7YbNWwVnVlRvPju2pUH_1r5p5WKc9UvgaqYwQjybPoTlWYoNSCzmOzWi7P7p4EVTQm-w80NmoPMuwDCB1-wsuZiaEg_20zEjh0WcSNlW9CJ8xYZDNAa8wIX2Rx7WD8qJmgDT-RvFz1ofIsX4qVoM9-gdqA7sKQbNPmQHYZYKMjQUm9BQ5NsGC82QEV1tQFRa_yzAZrYBXdLLlPVccmYClCVRcJ0hLl-61mFrGMI3mVS4GqkUKDdETQu55op-h8OaGBfGCre9WLmWnGv2M1U9Ti1MOvRgsfPJFNgjzUMC6c9firxvikiDliyQi5dl1BLEIISU4_6iAo4yzN3fvh6XqmpcwMHCCi-hIsnwy3xNw-mADf_LkLm8XKO0n04e4bYEW3c2b7mp-IHakal-EiS_Z7qgDRJjlSeoRqQ-aH1OYRd9TcXVGtPw3__C7LSJ4HzJbn1irFMAbtvP4KC5EhcYbQo4bUridl0X2ljT9YMg1ZVyWvmuFUibhL3OTPrlfFREs2FjwgBrhep0N0WaNMoJisMRm26Vlb7rdlhc82NLxXde2VI7InFnbMgR4zUj3NZwnuM23LKP2xdthjuvupuHthwtGKsaV8eN3mZTkEQrY77nFbh9xSukikwh6pWenactnu-ZLbCa9jaExko5OIuyNWGF4ggpiryPSlbGTqfasw2zW5kmgrIf1PmibkX0Tq1qGQX8p0MukEJIITGkIEhTlImc_ywoZW-7jW7NE18mFI53wGc6CZPGhiaeDI_jL7ehsv2QEiS6On_GDnp7c368vcJP_-Xb_7FjE7IJThOl3Q2TEje8ZEsbjWEzhweONncf0qpV_k1PBxu_ZhZ2QZrVOtdSzjRqViYWKK2t22-F6SPBBcVrtwx2vvmBClU2UMLw_VTVDOGXXfEVOMKuNDKUVsBNOeJo2wEG6q20A5sGKZc1N3CAHVqU3Ea3Y51vkKB3z9SmJ8Df1_P0rA31oRHBSHnhwPa5RrLyS57OFZNQYG1YOv6EODpsnvKOzEuODWc05f2T0KQhMoGZa3g1ANbEVt3mzzTwjJlwodZdBnD1cloh8og-pFhC_vFiowqMxGNyOnU4uYINNo-5rxypM7DZrG20CV9ouiT7qFOI3UH6j8lRCNxRfPxp1c43zowYz2h4JXtv5HeiPS-oUV7RzHdv6FZDkyLtB-jpqbyyOjSeJQN8QAQRT5lBCoxlt575NXs_8xZAqtumZir7tLTSSfyRM9ljjPDjUSIfVmeob9i-HXEvQh99cMRg_8mAcdc-xpir7Zdc8VGbGTd8CVK5-dEHV99tDgJfVVkQzTSzBFGSiahWFrCXcnUkWIZSlLbZ35Zfrwne0wz4CKdIuxDLNSRXcp_Hht2tuOwo8hLBfm7_CXLTfFKt5PrxKws3RgdaQPJLbheJuvGWz0tgHUgRgeDcum_giwiwj6l_H6S7tYuwiA6CSr2vkhmLRJsIDyYbRR1QZXy3FnUSUx5RK0nzLcFwBdg2VnYFyDJ60T58guMPbYDs83YojOn0foWnzbnJPFFM5HcsOXzDf3Xfjvk9cY9xXRzyt2-B8cEBJE-nlTDdeE30nn8wKq30oqS2hjDq0qFGePCDtjMBAaJl8LsvaUveqeqV01L0dMYJwL8osBLYxAORUJDa4yw20uSHDw5zN2hjE3n1NKY2pIjhYQlephNRQpJyAnUJBP223JR0VLBmySdUR_v8I01HyJaxLE__AWz9Pdbmu6QeD8crlMJa9t2tx0yXqdFvjbe7wUY39zVBNrNtxGlButuPKH5X9UaYsKntGbrWzyk2Wpklor-ZRhb6VuBVDnAPXe1Hy1lp9xP0VR61q9s8p2I8tnu7ndL6f8IutPFgVDvrVjyPGW-4vDqyx1t1ptv_hsmuAjrhv41lIzpb8QmP1nFrMSLCInFTHgbHFcdbNoZdEplVOVg8cQHd8iVK2IhYjDSXrJF0JmjYWlcqGHDNXQF-lB7CMo-5jI_kDnWFTSqYpl-qxURmVyjm6PsOEcPpwF2rJ6DI_aPoaYMOtPVvvWPrcVQxBj54vEkSdMHhiKP386zATuS5TXUyOCkNVqyvQzFd4keU4zdPFqalIAh9rHv3aKOzfJ8nv2Je6mMd4nBpPeo6dgcKMqbBTpDIeFMfQg-I5iS5k2Nx9Bs-UdaqIwVYhbKcx3r970n1j1dcs5OmPXL8zDyoRncdJ-Yst00wRNwVLXLlzryIdELyfxRUYRv8NIDMpC9zll_3PfjIDJnsyTN6YP2FPP2totOezpFU3JTMin2aqaydt5-goRKo0ky4tNCDrsoBCoO-eUa3VLdaUVir6FariacfpvTA9Mp21uW97FyVKbk51wDdg_UeNyP2D0Go22mHuCdv7_pGvjfvmWAnF7juAF74g60G7Zs7WdXmJKI0FI4Rid1W7SIv0HRydj8gToGg7UPlmdRD31Z1YvGNIvq53ozA_5bwQ7Byf8KFRrmlR3gbznZ9rneC6fxEiMvBcillulkAPVp04MlZiUkFYmsdIMhUJhuG1gnODD6zv4yngvMCVB6V0dlRPwNMQSHzECRsW5vxrl1whqW3LL1HxudIMG24Efk2sGuVAFtwHc8zuHGuRU0gZkWjTnqoUwGUmVvBI2JecEiuZ0i2ojgZqR-KqKo88RRFhAH98IYNv7KHT9We-SWhkcFuzo7VRloxQYE9fyiIvGINBbhAuMjaupRz9SKa8Fcr0q9dVT7qWBQ2-IVTcXOHhj7IlAFfZ80sUnsibOEZZGaWzJ6tsmf6FtfVakNn1uYEvmkMwz7r_qJPBQ2qAuZ4bYdCwomb6g13ecoV9SkxS4Dw5K3m9HnCrCnMpwaktXmaWXvI8RQ8DaHW5GgHU7blmO9WKmev7GD0AMHLSmEjvjQV7Lh4M2bCFxUxHG1YiCSsuxmlWpQ-UijB9vOydHnw1e2sEZTwActRuHgTvtWW_1LV_EGF46iR-mT9DTXNmwRqx1wfJKPxp6YPaG5qp0qaDXVMJ_5mqe0TJYqJKvpeDjsRSAuLUpGo2Al9K2DuCBoMbFrWTd_KKs1oeihrGavh4kBymxmaejudE9ZRopfx4rJNuO-W4EdwNi4hOZuGN1uQDQ9H002JuQlGwI1W2Mf6aC_3rGM_K18Ebgep8iTPBCgtdjBPvdXJ1jU6DeT7GaM28TpTILAaxlfrRoboPv3XVYadLPR46ni2ezn7PvcpTyDa5yF3eqyT8uz00jl4vNt7kaNV9CQI9WQINzRPsrHZJ1flaUFty2UfSRFXPM5vF_ePU1ItaPauHuAZhDZWaHNuXtYyoWnOEmpE-5C7eHjcbz_Y80pZOC1Mx7aSLgIk5IlWU1-hjqyHmb3yRf9f19Af2drcbF3seU2Q4wbr-kFJoGb4u_ZQ8td7cRIkqlhmfCtoG2DneyRz1mJp3dXVYKFeFhbHD7agKTCECKQZqzSpKHs-unQOzM09kfObM7Y-oohhxmsZy7xEgPAfUc_y7SbDq5ujkK4rGZeXLZbvoyTWKO_dPqNQBBIbpN9QKd7A_AtBQH9tGGoVeebxG1u5HwpaVnuNn9ODzT5ovDtIijRSmOk5gjbMwf4yGu1GO9UPMgz7Gwg9UY_oZTAIc7AQJFJ_T_rON62wv3NTwEHqK25X3XDh_vKdueKBl0Tdrs3bYnJfQobOlU3FjeTMrmOspjhAOGqh78y__NRA1VCYrZuOPgbOjZLY0k70XrIxRxceSRNX3j2BQp6Dzv9q3Q&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

becc2f12fc16bcaccd2ab6df5adb333d2001488b3d49423dde53a688d3acc5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34715
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1FCD 3 KB
1 KB 227ms
120ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 21:17:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1FCD 18 KB
7 KB 175ms
69ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 22:04:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1FCD 0
0 62ms
61ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRotWtjeNRd7fgTUyTqpCD7zLSg53rnQcNs2sfAohowCxAKqIqsAFwZMv77ewB0cIBe39YJHh8iMD8LH8UKkxVe1gj4bg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FCD 153 KB
47 KB 169ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1FCD 23 KB
9 KB 214ms
108ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:26:06 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FCD 42 B
107 B 194ms
88ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXvIzT3bzLr3GpubotbJu-E_B3Z3YggP_WVfJukdOwjxpV4AxtLPYkeeA2lEUr_pfcfDAZ26kn9QVOa66HFKyFkPEUGKnukHDQC_SKIAhcJ4ZK6VE

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1254
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1

43 B
766 B

58ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNVPKINiO9iDfEpaCS0x6hoBsHUxDib-jBxCmiqkEkgKdUK4VH3OK1poZENYUZEkLGGrk8-AgT4UBbcTI6LhqdLHkAoY2XLivwe-t7ivTJe4UtAVRjGRbP9oBJy-Xsv_A47nsz88OPXYoNLxStuju02jC278Xnj84Vad4bUeaL0yqNFXqFY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1254
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5pz3456teAAY4OSEXIGQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1

43 B
766 B

58ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNVPKINiO9iDfEpaCS0x6hoBsHUxDib-jBxCmiqkEkgKdUK4VH3OK1poZENYUZEkLGGrk8-AgT4UBbcTI6LhqdLHkAoY2XLivwe-t7ivTJe4UtAVRjGRbP9oBJy-Xsv_A47nsz88OPXYoNLxStuju02jC278Xnj84Vad4bUeaL0yqNFXqFY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1254
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

43 B
1016 B

99ms
55ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJrvERDJ3dqUAxjk_bzBATAB&v=APEucNVPKINiO9iDfEpaCS0x6hoBsHUxDib-jBxCmiqkEkgKdUK4VH3OK1poZENYUZEkLGGrk8-AgT4UBbcTI6LhqdLHkAoY2XLivwe-t7ivTJe4UtAVRjGRbP9oBJy-Xsv_A47nsz88OPXYoNLxStuju02jC278Xnj84Vad4bUeaL0yqNFXqFY

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
AN-X-Request-Uuid: 729bc37e-3714-49f9-84aa-507059b3a848
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1254
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

170 B
188 B

184ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
AN-X-Request-Uuid: cbf3102f-a374-49b9-886f-197343c9047b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2FDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1

43 B
766 B

58ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGN7SzdsBMAE&v=APEucNVIpNbFxY3XVgj0D6OW8APmq_G_DFt8JYCcoBAjF2M8ZiaxduZv6IK5Mt2XKEYRuHXkC85G7SIIxWnBzxfxBc6cNzh79JO20ZdAcgxNTNcchusNqd7pU9PmFhqIMP5X21apEv5-aYYJEKYIi8VJas6r-zmhMtzyGl4G249OTESzrdemTJw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2FDD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5pz32lSShwiiuUtlx.O.QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&google_hm=2

43 B
894 B

58ms
57ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGN7SzdsBMAE&v=APEucNVIpNbFxY3XVgj0D6OW8APmq_G_DFt8JYCcoBAjF2M8ZiaxduZv6IK5Mt2XKEYRuHXkC85G7SIIxWnBzxfxBc6cNzh79JO20ZdAcgxNTNcchusNqd7pU9PmFhqIMP5X21apEv5-aYYJEKYIi8VJas6r-zmhMtzyGl4G249OTESzrdemTJw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGLxJaf_7TMcsXhvJzCBFI4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2FDD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

43 B
1016 B

100ms
56ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGN7SzdsBMAE&v=APEucNVIpNbFxY3XVgj0D6OW8APmq_G_DFt8JYCcoBAjF2M8ZiaxduZv6IK5Mt2XKEYRuHXkC85G7SIIxWnBzxfxBc6cNzh79JO20ZdAcgxNTNcchusNqd7pU9PmFhqIMP5X21apEv5-aYYJEKYIi8VJas6r-zmhMtzyGl4G249OTESzrdemTJw

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
AN-X-Request-Uuid: fc3db587-b30e-4205-b126-bba4e52c564c
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEg59MCtO9qM6BPaaFjOFPo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FDD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

170 B
188 B

182ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:51 GMT
AN-X-Request-Uuid: 1310d6e3-e953-406e-9133-efd3a851bc3c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MjM0NDk5NjcwMDY3NTQ3OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 95F3 30 KB
11 KB 166ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwtBApcGdTXyGDkL2ZY1MFlKU6JOEC572KBcO0ljrVHpLm47NjuTq4pOSJ2M03w_O4vzpchkpbVLTHLQgTeQPnuaLWGQ&cry=1&dbm_d=AKAmf-CbyEGTZJQitA2wQEoXttjWhhfNO_du42LYe0TGg6ZEzZp1kIQK62bwOVw5jbxRwF9HpeRTDmUrEba6OJ4Vjd9MUoPT-pL0WO0XN9xx2XHazn230H1wR7ef2SaA1KA8HWvwK4_ZnbJ1prdWipjBhIn3HBsUMOI4P7EIoFllrFHUrg0vrFJDa8G3IC1qOTVHvUvp_hrhuABdMEEmGGg2-ZrICI27XWhQ7NXW8D3Z87r-4L9sE4wawGsX_c446LqQI1OMy4SQ7OL7tA4xAudkQTjoQTV4Xe66UXHsbouMKb5HLI7I_cI2IQKgDNbDEh8JNb6KnXAo9-cumipIJe8L3b_kmuxOx86M5hWTkVAYbTlaFQHTLaLZclA7iIqbil_ebI14gQ-UXMG-I1GuZCOtHyfE4QNlfmDoA6zug33pHwxR5pad52krmymShXAUXkZP3bmUUG86YeL32icuqmtoTdh8RkHPgNdkAiU1mWjyylrmCjs1mdV8dv6wWrceHoyt0scH6Lp7zr4cfw7f7urFHK5Y2HOizAycPNV6j_b17HPSub3FVTORa0wTDW2YCX0dAFU_0yesyrV0CNebFnmQrNgxf08PvynqrYbvlOEOJ35tmYzf5mgoxtTX3ZUWym4RwTnEVKQpMDa2CFpxsgFg0-UHbDngl5EmvydoWLpkV85E_sR4Nu4vCdncWh_A4ER-MuF-Nv0HcLf-LRE4XA4UjRHjMpvbkyoqMPO9P7AfHTVJVZTZ4AY7bpUQMphw4dwHG_STQ6u88eCCs3p1Xm2coAdQ2M35ebOZuczy_pI5oAklc4wuQ7yl8wWHgF-vndKv3-m5cdgvDS7edIfrfUxbY9sZdicUmg4BIixZ7stfdS2-pO3N0XIyIyYai-IMCdjDdcjy4WBWP78yWq1STnjVx7oj9t4sTF4XSy-DIFg42EEIfE52Vr7pNZNUavIpDELo5J9QvXYT4RewCVZHlCITAWH4_5Gf1df_pUxwyGxolpdba04X7Zzu86g8Mmzz_uRzUkuMyViPawm2GKJuWDUgVH_XIJncVmfu4uo3Up93-E1kaR_DnpzmJVAbKDbn1zHZjRmH1wT-Op0kuRtfpd_fyvwLNRCtCndPmyYJazSvhsvmMJgtkHB0DX-OFN0jbOxiQZnpaegb_tYg7pHUOoMd11u4497VeZw8tldDo5ddkwvVAqZ163jTZlbdNA43Wu9Sjm_qxSHeg6X_-uNzqMCjwKOV_UTDBHbKSYLJjt9FFjTAiRC9yp_dsv3nmX2k77Q1ccCTx9bDOXRee3KQMFmL02CaX0BPq7P5ZHa9hLHH9ckVzzTeaEtcPVMWVGJq-bYbepMmm-oqI_v-WkSKWS7HdisD9LUrclFpEV2xo_Ar0NlJqsIofQFIxwgf3vkf7uU4xeBK7E8zgKkfHM_NzFR6cH4uGKeBvF-rF8IbdBhntcF94PIhyF8GbaEgn4TAMuFVCgR3NtAmZs1g3_wqU3XhLdqjy9wC7BjP57jWCceTSaPn-9J0Wo4fNx4ZCrLPEu8KMzHUX13Oi-rHhnP5Z6jZxkbocC5rQ5pNCfDitp1U_Mbj5rD2IB04boSjrjA_eJgZ4DdsgR6CRn85AwRQYbV-zjo4UDv59ajZfPWUsIIaf4XIVb5R0MEsHSW88PdR7cyUblAib_25Hj3rqo0QpdQt0hpKIu0CY7Htd2646wvEduFjd4hZtSEPJFks06TsqA_LnNkK4W2G8xSpuaWvdZ7ltthtq4lw73gTt6Jt1G7Hw61Z9lctmtRnew4gKNOiRla47wlksBsjLTE6-pCqHjZF0-VOt0rCiroRcQw8M78tyTePNEYY6xNkJR2SyBN7twmJVCAEMhFgk4a2w8JuBHMH747rrw2NLVl-zlN6lKVP-qKVUtg595XSWWRToJhDo8mYY2vxA6CsuEv02ozQZJbOJgtDUr6mvx4rbvdCYZAZm-IVfRn_3PLNf8q9wOsgYyhICziEisIKTP_eCbcNijEKk0FxnV6N0b6-5ttdctFMzG0dJxkGO4fnSr1PNS00ANlizc1bv9iOlb13OMwZ5c3rJ5z4z3XT7T77vXsl1D237MepkG0hgksg3VgDN1cFUnOSS4PZDECJxZTynzqdW2oa_oxPmFWo8SLYmvR7-B8PIBi1trcOANpstJ0iIjXzCalh0cDFbODCTWAwPQaSGkT5nvyifquWm7eNp40L76UeUBlowiQFApwERiZqIRxdcakg3BeTFZ-Mi40PzvPjE6CIoKiQlfHT3xzU38cue8vzZoSfQQ4P7rwgwkWTxKKkCzMy-SWg9Hce3d6matgoflUd6xa4gHcXPqnUa0dosGee093I8Ych91dL-jCkRrl1y3X9R4fx_5YM_2sugyCPfU2ESt03nx9ooDVWHEtzFdw__bjp5JGHCwaAmBxgcudisqLq4cEq1LFW1M2G11P_dCvsABSsEKPJG5NRHBLs_1VOTZ8eXt3wKHQI1KriGzrAwkVGX70UamO8tvPdFKuqzPyRAJWSO62pnYHr7eAI8k5b_Yxs9SFi_2JSGxjQNAV3jh-z-qXtaBuHTvJrOhZy6y6wYUnAXEcs9Ztgcl5lsKbtPC3xgqP1G0RK7zWlOC-GLz70iI4GN3AAcx0X1gCGa3c6AIDfKdY_y7W7kUBfxu2HNq-vrRJPRL8tyeWY_wU4oLwJ6FvL6NJFhoC4LPtpE4JX03XHKwruSSwz9y4xv9wkNvCyeSjfxaRzhhYGSLt20N_3sAM4UA4vZGZoP9EpYz7fIzBYTKPh9riqWaAwerjpuY0-r1hpdJbm_gMx5DjjKbo5x1SvqUxNBBi9lRrJHNf1vzMH6VNbsXyUtlJWAkMuhd5ulshD5d05pgOQiaGtvbRvdiB1IElsqsFRrdK_sQSkNnKSqUI6UCRyyZriDfee7RrrdBOKufqVyWKUOflmQpRLVTqHn7vRPw_N5ZL_-SC8Ys-1W9u7pzVNPh2ehqQIIo2r3_i9hiG17B1_P2ogbwO0kzg6uo4g4gDkVIYMdMcpzdrNL27yWkkfnaRKosjHKJTNiVNHSHYcTEsxM41Tbpec96UgLiLC9gzACpvwVfhByQIS6zZ4rsV2y0gX1GO1nOH-SCXpu3okTw6oz_Z9WBv4JQxIiXAo4hJ1DE6JbEOuNOTk2jka8pupiZeN0C2SMWuS0JDI1V-x56P1IAC_Xgwy5MgUT7ov-f88ylxFsCk9E66DGsiqs2QcYKcsZTgAdr3V94xHprHqlNPr0UMEyb2_gQ9_MfMFUGtQG1OAxR4-hLeP1LnpP06IqM23-ODkhyO1FCqfXfwB-uxQKaO6f1yzoTju-rkFQyO6UpvJfGGQMwPERe1sZbdpn4SpV9Y8EdPXJkcFE7dAxZ__XiVGAffJ78HSvEeIV9fvb7cyu-oUiVwVMlTAbxNMkrdlP4ELH5iEY-P2SRY3zu5rqJ5e4GnoXL_XVaFQlGbVLg2jBeBpNchrWTgQ_YwZLDSvlaZHtrzGZAjId3WvtRK5n6zQVtd4z5aBk969obxmroPIFHwbYrqTVt2z0GRDCQi3Y0nf2BLB8EeXLWsjUIavtvTxZ0cicpR4AIbP&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 09:27:20 GMT

GET
H2 200 14326495692031233630
s0.2mdn.net/simgad/ Frame 95F3 23 KB
24 KB 205ms
57ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14326495692031233630

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251ef24a03bbd337691ac5091b17ecaa8ca0f3c3fd7ad895aa86cdd057c9f954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 18:08:53 GMT
x-content-type-options: nosniff
age: 457258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23619
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 14:43:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 18:08:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 95F3 8 KB
3 KB 190ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 12:41:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95F3 0
0 230ms
102ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZs2jBKu40kdNeks7fFO3WKX6nY2tsXGdAF8dZnzpFkyUpJ-ziVz7__sZMtKZCQIffPzjquVaqf7XLEL53V4RO2regW_u3ABnyL2-fs6vy11Fs_pChBxxjBVLANfpLqABF8mncaBDwhxien60exesLkLYxrih5uaB1KYMk6hjyDI9VMpE3n7bCzFJXYXyQEVtKoMTqatbfwhp-IzX9Bzv0q9QYmZqOhMQfhRUnZ0p3w3UIUmJYZnFU4Zms8WiWfzITxPtb6SQ-U4SLMl-M2W9VZeIStVtEhDxGwWg_OzaJJ9BlAE0F07l2xrxCrJsWbTtfO5rN1VsyNoNFc3slJZr7dVbqG7eL3oWavOzLtmPnqkkB-W6T_bpIyBUUgIyonddEEmYNQ85QUqzDeZ4YmrfGxnIAafknihleKVML_JrY56c9OpwZVRBozUAvQ2Izhr964V5uzq0t7CNZoSsDqO6qc38KPpp_qURrqmZxeGN4qyr4FJbbsv_S-0fMjIqZ_FijTWYaDBSsqQraSBUWVEntmjkXQG4nL2Y4UEQBhWMyYu_vw0XNu8HZunZJE6xsropWNjZDAMFQ101W2Y2ozUleqaQG8s19JDaZbIgecvyENbzq-Rl3YFG2-gRGdAbFC3SVnY1rv0napmKFOFHYApkT5MNZwPxJBYsZmSogQW9ZHVmd8F-Ji_UTcflsG6gE8MZweNm5-irXroFYng5Nm4geBjLZcd7TMOZkIlzPXuNHtFB8_g-eMQjMP781crJugk_glhvm3iLMEjHYn6nWzN8RhzyxApElUYCJG9d0yJOu8X7ccvYXS55jjXn1cw9HkW5idmiDD88JWOuuHL-2z-OnZQMDnLHeKQNU2cYNjDebjyzcfsjRIaHDAQ58gMP_ETRUunhTW6bxtgK6nCr9sBjL-RMs3X28WmJoZd7yKetAtVb_-N_MexswAxbuD2B1dhMAP7xGE7pd0hKUfk5KzJw5lF1YKnjIbxf16pjzwzamWYalNFrdvTmlpe7856X10lXtzMRAyHcw8QggOIzZ1zl872GOq7xH0apwWXCQv-vLwG9bIQNKNpaLW4FjxePUlAAndcWZW90q-KDq9EFEIN7TvZ1-EHfcXwnKUSBQfcxN1s2U3fcBsyl8oCLDx0GStbVYffp3iqTM_iwyGjnlwegyCkMYbAhWnUZ21ocfq0jiiwMGGv9SNE5aCLys_uzl2yP4xLcd8SaU0IjdUGWMpEV2NW4_0R-wlnLU0MRvMWuXehtgHx2s&sai=AMfl-YR3VHoa_Io2qmQsmj1UEK-5LqXZAcPP1G_cHkW2lqgpRjNQAoA-CD2IaHRsgXSOcffWNW0O9KU-WrSpY6CQ3RpPXcd9KyYSdVch4GnyKyFjgqpq7PLqgIA239CaRwKNL5P-QOvlxEtyVUxcxHOkkjSkD6MONE0aSe4iyZEloxKftVNoEpwaUVBEQxoFs2PtheP7gBJcZKkAysDPjBoX7c6ou6rXcN17Dqx96OA6pooP9DC4q0XB6Gy6VUcumjXafU2h7RNg8DFjHw&sig=Cg0ArKJSzAYsTy9whKJFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.58772&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 95F3 41 KB
15 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1FCD 106 KB
38 KB 185ms
56ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Origin: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Dec 2022 10:10:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 1FCD 8 KB
3 KB 168ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyWwIB2j41Fb7-zd3NPXRjBFOpZrKzAJWSv6tHIALYxwuijKViBU23JvGMJKqmGtM_6UOvX6VEvNwObjeN3mLyQfMAi6Vl-Ckuy4nWOGVpaTQKe23axj2h4JdtGQq-rqIQBJkOWrgaeBpukumvBg5dX1GZSpWab2jStOnJ0ZcPK5NDbPs&cry=1&dbm_d=AKAmf-BMRSkxFMq2NwclizECFNWC8FEsXjRCO0NA0cxXVmJtXtmbiqPFcN-vVR8JL0pr2dxJE4_fU2sT-kkmJfVaf1PzDX4DbXKJEh61c6WMhUGicXlXmoE-Bv0d8onSl_PG4sIIqi_F8jJN5pTje9LVigyB87WFB7I3uC5aNzZsMcgZOagGhCTkX-t4hqtkJgblI3ge82OO0WAgeRCOxkkLvuEKnqkv7pp_qFK6uTE9ZOlqrWHDd5v-kMuZYDYiq-VerS-Y1PM5V5v-7YbNWwVnVlRvPju2pUH_1r5p5WKc9UvgaqYwQjybPoTlWYoNSCzmOzWi7P7p4EVTQm-w80NmoPMuwDCB1-wsuZiaEg_20zEjh0WcSNlW9CJ8xYZDNAa8wIX2Rx7WD8qJmgDT-RvFz1ofIsX4qVoM9-gdqA7sKQbNPmQHYZYKMjQUm9BQ5NsGC82QEV1tQFRa_yzAZrYBXdLLlPVccmYClCVRcJ0hLl-61mFrGMI3mVS4GqkUKDdETQu55op-h8OaGBfGCre9WLmWnGv2M1U9Ti1MOvRgsfPJFNgjzUMC6c9firxvikiDliyQi5dl1BLEIISU4_6iAo4yzN3fvh6XqmpcwMHCCi-hIsnwy3xNw-mADf_LkLm8XKO0n04e4bYEW3c2b7mp-IHakal-EiS_Z7qgDRJjlSeoRqQ-aH1OYRd9TcXVGtPw3__C7LSJ4HzJbn1irFMAbtvP4KC5EhcYbQo4bUridl0X2ljT9YMg1ZVyWvmuFUibhL3OTPrlfFREs2FjwgBrhep0N0WaNMoJisMRm26Vlb7rdlhc82NLxXde2VI7InFnbMgR4zUj3NZwnuM23LKP2xdthjuvupuHthwtGKsaV8eN3mZTkEQrY77nFbh9xSukikwh6pWenactnu-ZLbCa9jaExko5OIuyNWGF4ggpiryPSlbGTqfasw2zW5kmgrIf1PmibkX0Tq1qGQX8p0MukEJIITGkIEhTlImc_ywoZW-7jW7NE18mFI53wGc6CZPGhiaeDI_jL7ehsv2QEiS6On_GDnp7c368vcJP_-Xb_7FjE7IJThOl3Q2TEje8ZEsbjWEzhweONncf0qpV_k1PBxu_ZhZ2QZrVOtdSzjRqViYWKK2t22-F6SPBBcVrtwx2vvmBClU2UMLw_VTVDOGXXfEVOMKuNDKUVsBNOeJo2wEG6q20A5sGKZc1N3CAHVqU3Ea3Y51vkKB3z9SmJ8Df1_P0rA31oRHBSHnhwPa5RrLyS57OFZNQYG1YOv6EODpsnvKOzEuODWc05f2T0KQhMoGZa3g1ANbEVt3mzzTwjJlwodZdBnD1cloh8og-pFhC_vFiowqMxGNyOnU4uYINNo-5rxypM7DZrG20CV9ouiT7qFOI3UH6j8lRCNxRfPxp1c43zowYz2h4JXtv5HeiPS-oUV7RzHdv6FZDkyLtB-jpqbyyOjSeJQN8QAQRT5lBCoxlt575NXs_8xZAqtumZir7tLTSSfyRM9ljjPDjUSIfVmeob9i-HXEvQh99cMRg_8mAcdc-xpir7Zdc8VGbGTd8CVK5-dEHV99tDgJfVVkQzTSzBFGSiahWFrCXcnUkWIZSlLbZ35Zfrwne0wz4CKdIuxDLNSRXcp_Hht2tuOwo8hLBfm7_CXLTfFKt5PrxKws3RgdaQPJLbheJuvGWz0tgHUgRgeDcum_giwiwj6l_H6S7tYuwiA6CSr2vkhmLRJsIDyYbRR1QZXy3FnUSUx5RK0nzLcFwBdg2VnYFyDJ60T58guMPbYDs83YojOn0foWnzbnJPFFM5HcsOXzDf3Xfjvk9cY9xXRzyt2-B8cEBJE-nlTDdeE30nn8wKq30oqS2hjDq0qFGePCDtjMBAaJl8LsvaUveqeqV01L0dMYJwL8osBLYxAORUJDa4yw20uSHDw5zN2hjE3n1NKY2pIjhYQlephNRQpJyAnUJBP223JR0VLBmySdUR_v8I01HyJaxLE__AWz9Pdbmu6QeD8crlMJa9t2tx0yXqdFvjbe7wUY39zVBNrNtxGlButuPKH5X9UaYsKntGbrWzyk2Wpklor-ZRhb6VuBVDnAPXe1Hy1lp9xP0VR61q9s8p2I8tnu7ndL6f8IutPFgVDvrVjyPGW-4vDqyx1t1ptv_hsmuAjrhv41lIzpb8QmP1nFrMSLCInFTHgbHFcdbNoZdEplVOVg8cQHd8iVK2IhYjDSXrJF0JmjYWlcqGHDNXQF-lB7CMo-5jI_kDnWFTSqYpl-qxURmVyjm6PsOEcPpwF2rJ6DI_aPoaYMOtPVvvWPrcVQxBj54vEkSdMHhiKP386zATuS5TXUyOCkNVqyvQzFd4keU4zdPFqalIAh9rHv3aKOzfJ8nv2Je6mMd4nBpPeo6dgcKMqbBTpDIeFMfQg-I5iS5k2Nx9Bs-UdaqIwVYhbKcx3r970n1j1dcs5OmPXL8zDyoRncdJ-Yst00wRNwVLXLlzryIdELyfxRUYRv8NIDMpC9zll_3PfjIDJnsyTN6YP2FPP2totOezpFU3JTMin2aqaydt5-goRKo0ky4tNCDrsoBCoO-eUa3VLdaUVir6FariacfpvTA9Mp21uW97FyVKbk51wDdg_UeNyP2D0Go22mHuCdv7_pGvjfvmWAnF7juAF74g60G7Zs7WdXmJKI0FI4Rid1W7SIv0HRydj8gToGg7UPlmdRD31Z1YvGNIvq53ozA_5bwQ7Byf8KFRrmlR3gbznZ9rneC6fxEiMvBcillulkAPVp04MlZiUkFYmsdIMhUJhuG1gnODD6zv4yngvMCVB6V0dlRPwNMQSHzECRsW5vxrl1whqW3LL1HxudIMG24Efk2sGuVAFtwHc8zuHGuRU0gZkWjTnqoUwGUmVvBI2JecEiuZ0i2ojgZqR-KqKo88RRFhAH98IYNv7KHT9We-SWhkcFuzo7VRloxQYE9fyiIvGINBbhAuMjaupRz9SKa8Fcr0q9dVT7qWBQ2-IVTcXOHhj7IlAFfZ80sUnsibOEZZGaWzJ6tsmf6FtfVakNn1uYEvmkMwz7r_qJPBQ2qAuZ4bYdCwomb6g13ecoV9SkxS4Dw5K3m9HnCrCnMpwaktXmaWXvI8RQ8DaHW5GgHU7blmO9WKmev7GD0AMHLSmEjvjQV7Lh4M2bCFxUxHG1YiCSsuxmlWpQ-UijB9vOydHnw1e2sEZTwActRuHgTvtWW_1LV_EGF46iR-mT9DTXNmwRqx1wfJKPxp6YPaG5qp0qaDXVMJ_5mqe0TJYqJKvpeDjsRSAuLUpGo2Al9K2DuCBoMbFrWTd_KKs1oeihrGavh4kBymxmaejudE9ZRopfx4rJNuO-W4EdwNi4hOZuGN1uQDQ9H002JuQlGwI1W2Mf6aC_3rGM_K18Ebgep8iTPBCgtdjBPvdXJ1jU6DeT7GaM28TpTILAaxlfrRoboPv3XVYadLPR46ni2ezn7PvcpTyDa5yF3eqyT8uz00jl4vNt7kaNV9CQI9WQINzRPsrHZJ1flaUFty2UfSRFXPM5vF_ePU1ItaPauHuAZhDZWaHNuXtYyoWnOEmpE-5C7eHjcbz_Y80pZOC1Mx7aSLgIk5IlWU1-hjqyHmb3yRf9f19Af2drcbF3seU2Q4wbr-kFJoGb4u_ZQ8td7cRIkqlhmfCtoG2DneyRz1mJp3dXVYKFeFhbHD7agKTCECKQZqzSpKHs-unQOzM09kfObM7Y-oohhxmsZy7xEgPAfUc_y7SbDq5ujkK4rGZeXLZbvoyTWKO_dPqNQBBIbpN9QKd7A_AtBQH9tGGoVeebxG1u5HwpaVnuNn9ODzT5ovDtIijRSmOk5gjbMwf4yGu1GO9UPMgz7Gwg9UY_oZTAIc7AQJFJ_T_rON62wv3NTwEHqK25X3XDh_vKdueKBl0Tdrs3bYnJfQobOlU3FjeTMrmOspjhAOGqh78y__NRA1VCYrZuOPgbOjZLY0k70XrIxRxceSRNX3j2BQp6Dzv9q3Q&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 12:41:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1FCD 30 KB
11 KB 139ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 09:27:20 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
227 B 89ms
88ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hbw_release_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Thu, 15 Dec 2022 01:09:50 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0E20 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 41071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Thu, 15 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95F3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d3d2dd6ad732e495ac974bd642bb3f1caa6c62b19ea2dae20ede5d7a2fb06cc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FCD 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9128 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 41071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Thu, 15 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1FCD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66fd61cb73f512d08cc001e8e0e38fdbf56ed1e3fc309dcf35f63ebb281cd6bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6532 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 363877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95F3 0
0 202ms
92ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZs2jBKu40kdNeks7fFO3WKX6nY2tsXGdAF8dZnzpFkyUpJ-ziVz7__sZMtKZCQIffPzjquVaqf7XLEL53V4RO2regW_u3ABnyL2-fs6vy11Fs_pChBxxjBVLANfpLqABF8mncaBDwhxien60exesLkLYxrih5uaB1KYMk6hjyDI9VMpE3n7bCzFJXYXyQEVtKoMTqatbfwhp-IzX9Bzv0q9QYmZqOhMQfhRUnZ0p3w3UIUmJYZnFU4Zms8WiWfzITxPtb6SQ-U4SLMl-M2W9VZeIStVtEhDxGwWg_OzaJJ9BlAE0F07l2xrxCrJsWbTtfO5rN1VsyNoNFc3slJZr7dVbqG7eL3oWavOzLtmPnqkkB-W6T_bpIyBUUgIyonddEEmYNQ85QUqzDeZ4YmrfGxnIAafknihleKVML_JrY56c9OpwZVRBozUAvQ2Izhr964V5uzq0t7CNZoSsDqO6qc38KPpp_qURrqmZxeGN4qyr4FJbbsv_S-0fMjIqZ_FijTWYaDBSsqQraSBUWVEntmjkXQG4nL2Y4UEQBhWMyYu_vw0XNu8HZunZJE6xsropWNjZDAMFQ101W2Y2ozUleqaQG8s19JDaZbIgecvyENbzq-Rl3YFG2-gRGdAbFC3SVnY1rv0napmKFOFHYApkT5MNZwPxJBYsZmSogQW9ZHVmd8F-Ji_UTcflsG6gE8MZweNm5-irXroFYng5Nm4geBjLZcd7TMOZkIlzPXuNHtFB8_g-eMQjMP781crJugk_glhvm3iLMEjHYn6nWzN8RhzyxApElUYCJG9d0yJOu8X7ccvYXS55jjXn1cw9HkW5idmiDD88JWOuuHL-2z-OnZQMDnLHeKQNU2cYNjDebjyzcfsjRIaHDAQ58gMP_ETRUunhTW6bxtgK6nCr9sBjL-RMs3X28WmJoZd7yKetAtVb_-N_MexswAxbuD2B1dhMAP7xGE7pd0hKUfk5KzJw5lF1YKnjIbxf16pjzwzamWYalNFrdvTmlpe7856X10lXtzMRAyHcw8QggOIzZ1zl872GOq7xH0apwWXCQv-vLwG9bIQNKNpaLW4FjxePUlAAndcWZW90q-KDq9EFEIN7TvZ1-EHfcXwnKUSBQfcxN1s2U3fcBsyl8oCLDx0GStbVYffp3iqTM_iwyGjnlwegyCkMYbAhWnUZ21ocfq0jiiwMGGv9SNE5aCLys_uzl2yP4xLcd8SaU0IjdUGWMpEV2NW4_0R-wlnLU0MRvMWuXehtgHx2s&sai=AMfl-YR3VHoa_Io2qmQsmj1UEK-5LqXZAcPP1G_cHkW2lqgpRjNQAoA-CD2IaHRsgXSOcffWNW0O9KU-WrSpY6CQ3RpPXcd9KyYSdVch4GnyKyFjgqpq7PLqgIA239CaRwKNL5P-QOvlxEtyVUxcxHOkkjSkD6MONE0aSe4iyZEloxKftVNoEpwaUVBEQxoFs2PtheP7gBJcZKkAysDPjBoX7c6ou6rXcN17Dqx96OA6pooP9DC4q0XB6Gy6VUcumjXafU2h7RNg8DFjHw&sig=Cg0ArKJSzAYsTy9whKJFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&vt=11&dtpt=283&dett=2&cstd=0&cisv=r20221207.58772&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0E20 0
103 B 244ms
95ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHdCm287k3nU9fisBWgWpkI&google_cver=1&google_push=ASkJ3Fa_EYcCMulCtLtHbb4dk0cAmJsiyN2COnCBk9GlG_-IUjBPTYOEInwWDusyjn36MDhj2YJw1vhkyoI-VXzr1Edmk4jWI6YEGw
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0E20
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ...

43 B
444 B

202ms
192ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 779b4bd7bde3dcbf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2124
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMYWvnCIr8d8yB1ufMqwRLE&google_cver=1&google_push=ASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm5s-ixI0JM5IUk_7Y2R9t8D35-eah3elqbk0A30zNLSpLFSWSRezyTUkf3V3qZegx6y9jvknpClWz8JIdgABtMbYLhRQ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 779b4bd67d01dcbf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E20
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN5fNXu2VP7Q5TODGxZd3g0&google_push=ASkJ3FYi97j9DmAsF0wXw9FkyJ5XafgetQpLsjD3PTg7inUUV92caz6QLr...

170 B
188 B

67ms
66ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN5fNXu2VP7Q5TODGxZd3g0&google_push=ASkJ3FYi97j9DmAsF0wXw9FkyJ5XafgetQpLsjD3PTg7inUUV92caz6QLrXJS0h7Hq2BS-WbzTaZXWgliCCCmigJeWTKXFVNz9qbnA

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220069-HHN
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671066592.789352,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN5fNXu2VP7Q5TODGxZd3g0&google_push=ASkJ3FYi97j9DmAsF0wXw9FkyJ5XafgetQpLsjD3PTg7inUUV92caz6QLrXJS0h7Hq2BS-WbzTaZXWgliCCCmigJeWTKXFVNz9qbnA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E20
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBpSfM7fPvMu1yVdJ4K40f8&google_cver=1&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFw...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBpSfM7fPvMu1yVdJ4K40f8&google_cver=1&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64&google_hm=F0UlCGZHxdQjbuqIQzyIGmoa

170 B
188 B

67ms
66ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64&google_hm=F0UlCGZHxdQjbuqIQzyIGmoa

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 15 Dec 2022 01:09:51 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fbx9tTZ0cmC2mA5FTUNaU417wkclONGl2d9FIvMM2HAUffLKtn77_WaseamBNSAPPUAUsibZUx_wBJovhmFweRrNnQVmi64&google_hm=F0UlCGZHxdQjbuqIQzyIGmoa
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E20
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3Fb1PkcEA3bXxy_1Tw4cv...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&google_hm=A_xDyOUumEKAgkMLg1g6wHE

170 B
188 B

69ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&google_hm=A_xDyOUumEKAgkMLg1g6wHE

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fb1PkcEA3bXxy_1Tw4cvJ4WKY7drH9uMJmRL8MKEvbGCTk8VSsvy6caalLLiogu2crBU3ij0QDUFjSxXJGd3oCeIpeskUgX&google_hm=A_xDyOUumEKAgkMLg1g6wHE
date: Thu, 15 Dec 2022 01:09:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfc43c8e52e98428082430b83583ac071003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 0E20
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOzmRrCAmVq3GHPiMUiyWrA&google_cver=1&google_push=ASkJ3FaLeUDrtM1QeFDiTvTRhHzHX8HjiiAPSDVg7csFW5Al-tsBOI7NSDFUZwmrlToeQ7-xaCQ7ZRhUw1H...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FaLeUDrtM1QeFDiTvTRhHzHX8HjiiAPSDVg7csFW5Al-tsBOI7NSDFUZwmrlToeQ7-xaCQ7ZRhUw1HFP7k6lWUHzWisYuoaSWk
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

62ms
62ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E20
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJOiJfIAu...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJO...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=04d829f4-4230-497d-a318-8bb385a64aad&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=04d829f4-4230-497d-a318-8bb385a64aad&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=04d829f4-4230-497d-a318-8bb385a64aad&%%GOOGLE_PUSH_PAIR%%
date: Thu, 15 Dec 2022 01:09:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0E20 0
12 B 65ms
65ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItN3sCwys3CohRWH0qy2f3ppHeH0VzMhBjpj-ix6ANjnGktECqXDYqC8WflM1OLqRj3Q8pVCE

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4095438321315498643/ Frame 3416 6 KB
2 KB 164ms
55ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2662a875592496f399e5bf9415226f909a9e0c258c9ca13b17eed409cd78f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 227131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2464
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 10:04:20 GMT
expires: Tue, 12 Dec 2023 10:04:20 GMT
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1FCD 0
0 192ms
99ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNOlBIfbo322WL9PDWijyPuvCkBVtnpeiF3vwKT1cMSO-UCbVcCchreRiMG2eFFCIaREzxO8U63_rk8UUQNhXu2AdIKu7cDu-dHmYylCtnjonzCMFLsRo6jluNOoovnUhjXH2mHktWNF_Es_A0oPM55IpVrsLHXehQ4pchixpDJL5DXszcXE6U0LzDhG98LO-O5sjvWO3kP17UEOh9NIMRsU27miXBbNI6R49cUpKkuvlE18wEZY0_yWrGCQl51d9_8zb06fsckqgRzYYttLVMgDicSrXr2Zgm8AgZzs85B_c0yaEpLyJyS0O_8lHBUaodCpFHsNcc1_IW4e7KoKjTJ0J67WHDY5Cm8zrh3u3dhimgeOcbZ5GLVab1FzpQtZO_aSLetlJMQwDd-ViiyHfVtFoU_vrrOpfvcUB5U4xdRg9HTB1Ng3nS1HnL9LuWH-dman1MrPCKzOxLRhnLFwAxMSDmB-zxP0pTiXuyRP4Rw0Zivm-4MixReazCyqHQy5lBBN33fDWHOevadiDUFI5f2kaAYHRLHPxoj-S7rsn6tg6XZjC6V24LBCkIrG7sspQzUNgC_bqdlLPNqKNYV0jvAhbZ4vTeeXcwpF9lpXvsssUjRBcOBtqQfJsBqzdJmjC1jyvrl07gdsvceWpjT1E9qii4iEH1h_1xyCRUjKxsDZMqpu9Okc4ql2ZdYelg2xmc4wP6UXZPRvT1ODe9H01uspzRGlt-5q1imJpYz5wocXOXXoDcqpPYewSlFlkFhl_YbIXj3bukrrchVY1bM1YaTvMw_32PwagdRTLzlKy2OLH0vkDErm9qgj8H6CziwYE_CI5d4irOsYNe4MKJTiqftQSJ7zbBnFfSGDBYv6RBn_H1m58gPf69wSyxaNvlCqDNCUvdeeqQllX7z3hAwawM-2nLoLr7sMwwhbWHZNrGF1-lSN3WWRit16sAM0dWhzPrrlbHsydiMUR-lVD2Ba4MkI-BRkHuCpnTIw9Ye1OlFJ8SmRqDw5t0WyHqJmzDrVDk0g3QYKQMUcEifLWjkzeFI18HyodnM2BDAW04SMErGk4Is7W8zxZYTDezVGibtQK8y47obHKRpqbLC7cGZmZulKE5MzP6EzXgnF60xswSClXuGJUZ8qO3JLgBFyMaMPnSE0k2J1VYHoloWowlBhBXsXYfbwVE7w6pcA_U0TU5G5GuTbpEqc7bOTvPEretUqwIYUX0BMbWJLze5ZzpmjPGzitvAbXim8t5iQHAaC_N5BeCed_IDbzeY_hehRqQ-Bc_eqa_RmpBCQzIiiG2QZczL7RF6f-W9Jc&sai=AMfl-YSl7k5qKAqyVJ6umef8pHvNYi-uWWfEsJ5L7yM2iGb3EWqSWz3tPRySisFOGEIzMocgsILVxmVQLb9FdRmT74AsBF9HTvAIYrtF98UkusMG8yrzmw07dT8bh48ln49sIiKfmzyiw1F1s7BcT38f6q5f2xNTyAsFZbynxaV3OrDL1D_SVL3tK2cQFFiz4kNSXk8TNJtEbs_j6-i25-55euYYhlY_ZkpyKNEAVr17f-sInTUA2TOqgWVkg-WZWNqquPk5Y5utjXZcLg&sig=Cg0ArKJSzBhVWI46dOBhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=280&cbvp=1&cstd=277&cisv=r20221207.12046&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4878 22 KB
8 KB 55ms
53ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 363877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9128
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1&google_push=ASkJ3FY8EghWYXQD6-ysVrWA7AtcMdD_onMZVUl2Cc_EuRwbfGqWMU5L4DZSxMrymm4_tME-M2UrdHKHr4BCBHqugICFpfI00qMwsj4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk5NDQ1NzI2NTQzNTg2MTk0OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1

43 B
398 B

116ms
50ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI-zQ3K585djV2EZoNjYe6M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9128 0
104 B 212ms
95ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHdCm287k3nU9fisBWgWpkI&google_cver=1&google_push=ASkJ3Fa7I5n1JIozR3AqqtrqSlbQ4wNEJTvhIO-6_gjhSnTvm6iaN4aj0sr6eB-b0JGY_7NDmqRFbLcyEogxfOqiEAkZqgLe4gUHgQ
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9128 43 B
356 B 209ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELUI3f794uXh4V0y77XK0vU&google_push=ASkJ3FZrtqtgEaJ-ShUMPtzM6aVwBHQzV83VlQ687RPRoS8OlEeIg6JLCq2Q1Vg-48Ej9O1LgD8Yx57gnr3TTTok2nO2e9bmMMJvrmk&google_cver=1
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9128
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&google_nid=index&google_push=ASkJ3FYmSuuedspladQshAUZUGjLG0bAiVoR9...

170 B
188 B

68ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&google_nid=index&google_push=ASkJ3FYmSuuedspladQshAUZUGjLG0bAiVoR91qDrhEt3_dhaipx7CNm_I9c9RhEmDFXFTUkGllckInsfD19vcWOH8a1_HYts9TD7w

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6Y1QYE7PNbchvd971RAYLrS7ZaexfYRwWf7jI2tHuyEYqxSjF%2FNjJ8DCBKp5JpCQiTdoWPKy3uWvU7SH54YKAlnXju0F9dKEML9fNHLyYpXoI5et5y44Byw0NTyNU8FkTcHXCH%2FwhRPrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&google_nid=index&google_push=ASkJ3FYmSuuedspladQshAUZUGjLG0bAiVoR91qDrhEt3_dhaipx7CNm_I9c9RhEmDFXFTUkGllckInsfD19vcWOH8a1_HYts9TD7w
cache-control: no-cache
cf-ray: 779b4bd6b85d76fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9128
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMVN-PH5zRVdkPfFZo7kadU&google_cver=1&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuR...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuRKYlOAdHFZ5tOx1Y

170 B
188 B

68ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuRKYlOAdHFZ5tOx1Y

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Dec 2022 01:09:51 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYEHcfytkyLSwyOsWYPXR0VtcjkStvZXrCD5MBlHb6jO1Mf2xTJf6Rg6RzQ2Y0ZGN9_U3pmiK-Hey-YjsuRKYlOAdHFZ5tOx1Y
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: s5HK_ywhRoM8k04AiSN8_ft_bBIAURSxOpJFNBrTvGHsVLmgMTjFXg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9128
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaSK2k5vB1V6-y9uG51K...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&google_hm=A_xDyOUumEKAgkMLg1g6wHE

170 B
188 B

68ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&google_hm=A_xDyOUumEKAgkMLg1g6wHE

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaSK2k5vB1V6-y9uG51KLdkFB99ymx5Flc_rQ7scnuyE0d69Jdz9yvyBQC1HLRPW1MgZ8IXfBILxw8hpxCF0Uj9eI4GJNVZSw&google_hm=A_xDyOUumEKAgkMLg1g6wHE
date: Thu, 15 Dec 2022 01:09:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfc43c8e52e98428082430b83583ac071003
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 9128
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIwx7sAgnmfvNGrG5Xgxzjg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FYMiKYjrlbEvAEcvaE-VpRkC4d97wnlDAxkDr8QIgbSwWy8TiZ6tlB7J7KDV4IQzdNFrquvbWYUuHayRRuZ4mKG0dBvmSs9g6Wp
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

85ms
85ms

Image
image/gif

23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 01:09:52 GMT
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9128 0
12 B 66ms
64ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuXlit-3hewHIKXNx5F3ixRUaEyuADE0hD_7uGc_gIDm2mZWR1tUc4eoHQBVeBA5pCoZHxaA

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6532 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 06:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 06:47:48 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4878 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 06:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 06:47:48 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3416 236 KB
63 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3416 4 KB
609 B 173ms
63ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38d95de33678eb79a5d7632f0dedc17f54defe0da27cba210acb8916e520f8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 01:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 00:05:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 01:09:51 GMT

GET
H3 200 avoury-xmas-728x90.js Show response
s0.2mdn.net/sadbundle/4095438321315498643/ Frame 3416 40 KB
10 KB 55ms
54ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/avoury-xmas-728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1631fe8086c93e23f9c0fbe009807c6e5c37b3485550469ec2fbc12cdf37209d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10013
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 176ms
60ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Dec 2022 01:09:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6532 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6EKb33OaY7aIDoOY3gP_xYiIBAAAAAA4AeAEAg&bg=!ODulO3_NAAYgquz3AKo7ACkAdvg8WpEuDzVTCSF3VWYk0EvMaoXqVxnH4OiB4zZ1trfmbu7ueM1pAgIAAACTUgAAAAJoAQeZAvrDtCEaFx39jW7OSIMsry1jtlf8-6dE5qcZiPSmT6lHVu5K8iomO5XluyjlWbdaOW5EWq3qfKosPye6lnGvr8WXdQAvoGiAc_yPeCSAY_sDoQFKqFBlUDluKzwd7eMsknd9lc7Y_i3eHfx3QWnDneCzpfbHDLorhQNJ0uZJf67JDKMPfJ-8vo_YY8cmyL2Xl1XJvLnf_c_dFzjNIdAqiqN00KHQEi8jJKz3DDmODN--etYZV_hAUWvTQ2XC5RTIwMy4NUOjRW8GbVgLhFY3PSBQvnI_sJ9D3UQczl11WkAC7UZrscWJH06QDb10Pw1C1LMgO4RHXGjdZYkKfqW7LWMttkN2U4fWVODf5DsdiiSKGAezdS-pfbL1wcO82tApN-o6ebt1xys87BCi8mHCx_GtexdLXQOQqYOpVVBan_7Jpmg3WTLMaYE9yUSKAi9Vu6g4tcEXaSNGDT8lKn1XTYm6O70QxLWjhvO8dM710nOc1Axy_nbsCO7NqMK62cmRwsTX50eP3WF9UPVonDJVJyk-ZHJYtKDqMIhRfTtzT_v02ey8EoxEgGgMYVPLglAzhpY_bD76Z6FthdOp7ZNrLOKhB0U6n6n60STK7p3xy24iOhcn1H-1j6bBEnKvw4sbB4RoDiDnpJ6iJZSLVg4NEjvO8yflrABxdXzjJCfpLVT7vedkzB61O8HWoay2egyIH4ftof1PVi2ZvwSlkB7qCeOGhuSPCBbv-vCZK-YcZqUAGBULdm7-IjW-uoYo2XS9vpzOyYxZPcJoiBMjKLSZcLUYy91V7J1jIahEm-FHyGzjlO1HHb3EuUUsdbW_X95nA1tXBopo9dN_nEtMo9DLQQjVaf7InviF7CI5HU8m0OI41fPu8sDYsnyysdLoT80atJoNiROA4CNBmPaJ0zkqYJyeTBahUX22ZFJTWKjWB-NnFQ8gjmwIYXlRLKj4Hea2j_2tgq3_ZHnxYHP-WZphXq5GXVF1zI_OEfG8mAAdsaxJuvwQCBRCx1AyYYk

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4878 0
20 B 97ms
97ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoRal33OaY4KIDtei9u8P4ZGk8A4AAAAAOAHgBAI&bg=!2tml2Z3NAAYgquz3AKo7ACkAdvg8WsfBcYEWPpGJV3spFWUJ_HU7txSTXiDn38UjpK8TLD4TMWX8UQIAAACFUgAAAANoAQeZAzPRrKiPBQ0poZ01WQwBGm93wsWKZ6sEPzuGJfyIVbGC_5SpLoaokPOLvcWp_c7my36JfI31U4pTS98g-1sboNsdwUyin4hD1-L1WJflZb7APf60YKi3AzgaHYjGLAktN7rrz_tprikfJvGWqJgUdheV4UaQ_v0ukL-La9DJrNlwaop9vpslaGxHhx9MminlyE8No2YnOvYwWcIQhPyWbCyTQc4NJuAKZdOr-To2W7ELUhEeQiaBymS5FK_4HRux6tFs4qSW03QC69C4jUU9lRi9k-902ke6LA9POSJf3yfro7fxPLp91YhB0HRSAarftShIbuiDxXdaBX2pDm15v_yGn_lihSx3rUbSrqr59IDCJSaXuz823CfLdZkG6JMtzWzuj0UfekLz-WNuRPzvCHfEa2sZuzKm8hFeY6gYnoa7P976Y3BswHhqrwxn5HjaYKILxTL6TPMJNI9RKqK0Q71gkXXfdd5AGXHVxnjG2ewIF5mwax6Wg8rk5VwovBdoYEmSkminDaRAuX2a8z0S1U6bnR-Wqadsmz0YziIiVzm_ZpeJlCNGEL3V9Eu94DgsGYvqUy5p67vQezESeqQZHgFlXIS9dXZ73vRdt1LA4ygnfBY4-7Fqv9UO0G9xUBXgWleCxzJU7I4udmlSF04VZt5FrsWeMfppOER_xFsTZX9HJEqaa7gQ1Z3WuGSdUxklyaD84BGwT2rRKZRAQZ8AXX57kJhgrBN2O444Oh7EBnHQHs_9xlt3gjLbiKXLu5yTrcdsMch6zsgn4Xf2p0fJDQ0caZglXliUFJKzkQ8OGOtIb5aeYXEiXRaSq89scoICFOPe9sJIrtWORiH-PatD-sw7tGcJN2LcU5W_92s56xzAsI3G8kwU2OFcDQOFOFhE-D1FwrqMWkS_inzPn58U2BlVdCejNFTlwWgCk_xmHEF2b5_lzsoqT5XPhgi5Btvo1SnmkH9GNkLv7IjZOQG22BxE9Y0EuaONyi7kV_h1STxWp7x-r9XzaSTDbSz02p-9O-nBfhEEzonGJ4J8IlvS00PreONxAwsIvVWy0pj6uNbOLsRVyofiInNZpquqgokynZtsjKE

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg500.jpg
s0.2mdn.net/sadbundle/4095438321315498643/images/ Frame 3416 30 KB
30 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/images/bg500.jpg

Requested by

Host: 63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
URL: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e721117219198469e6833d133eb0fe938c8de9719567707cd056c8fe498ac9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30489
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1FCD 0
0 93ms
93ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNOlBIfbo322WL9PDWijyPuvCkBVtnpeiF3vwKT1cMSO-UCbVcCchreRiMG2eFFCIaREzxO8U63_rk8UUQNhXu2AdIKu7cDu-dHmYylCtnjonzCMFLsRo6jluNOoovnUhjXH2mHktWNF_Es_A0oPM55IpVrsLHXehQ4pchixpDJL5DXszcXE6U0LzDhG98LO-O5sjvWO3kP17UEOh9NIMRsU27miXBbNI6R49cUpKkuvlE18wEZY0_yWrGCQl51d9_8zb06fsckqgRzYYttLVMgDicSrXr2Zgm8AgZzs85B_c0yaEpLyJyS0O_8lHBUaodCpFHsNcc1_IW4e7KoKjTJ0J67WHDY5Cm8zrh3u3dhimgeOcbZ5GLVab1FzpQtZO_aSLetlJMQwDd-ViiyHfVtFoU_vrrOpfvcUB5U4xdRg9HTB1Ng3nS1HnL9LuWH-dman1MrPCKzOxLRhnLFwAxMSDmB-zxP0pTiXuyRP4Rw0Zivm-4MixReazCyqHQy5lBBN33fDWHOevadiDUFI5f2kaAYHRLHPxoj-S7rsn6tg6XZjC6V24LBCkIrG7sspQzUNgC_bqdlLPNqKNYV0jvAhbZ4vTeeXcwpF9lpXvsssUjRBcOBtqQfJsBqzdJmjC1jyvrl07gdsvceWpjT1E9qii4iEH1h_1xyCRUjKxsDZMqpu9Okc4ql2ZdYelg2xmc4wP6UXZPRvT1ODe9H01uspzRGlt-5q1imJpYz5wocXOXXoDcqpPYewSlFlkFhl_YbIXj3bukrrchVY1bM1YaTvMw_32PwagdRTLzlKy2OLH0vkDErm9qgj8H6CziwYE_CI5d4irOsYNe4MKJTiqftQSJ7zbBnFfSGDBYv6RBn_H1m58gPf69wSyxaNvlCqDNCUvdeeqQllX7z3hAwawM-2nLoLr7sMwwhbWHZNrGF1-lSN3WWRit16sAM0dWhzPrrlbHsydiMUR-lVD2Ba4MkI-BRkHuCpnTIw9Ye1OlFJ8SmRqDw5t0WyHqJmzDrVDk0g3QYKQMUcEifLWjkzeFI18HyodnM2BDAW04SMErGk4Is7W8zxZYTDezVGibtQK8y47obHKRpqbLC7cGZmZulKE5MzP6EzXgnF60xswSClXuGJUZ8qO3JLgBFyMaMPnSE0k2J1VYHoloWowlBhBXsXYfbwVE7w6pcA_U0TU5G5GuTbpEqc7bOTvPEretUqwIYUX0BMbWJLze5ZzpmjPGzitvAbXim8t5iQHAaC_N5BeCed_IDbzeY_hehRqQ-Bc_eqa_RmpBCQzIiiG2QZczL7RF6f-W9Jc&sai=AMfl-YSl7k5qKAqyVJ6umef8pHvNYi-uWWfEsJ5L7yM2iGb3EWqSWz3tPRySisFOGEIzMocgsILVxmVQLb9FdRmT74AsBF9HTvAIYrtF98UkusMG8yrzmw07dT8bh48ln49sIiKfmzyiw1F1s7BcT38f6q5f2xNTyAsFZbynxaV3OrDL1D_SVL3tK2cQFFiz4kNSXk8TNJtEbs_j6-i25-55euYYhlY_ZkpyKNEAVr17f-sInTUA2TOqgWVkg-WZWNqquPk5Y5utjXZcLg&sig=Cg0ArKJSzBhVWI46dOBhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=654&vt=11&dtpt=374&dett=3&cstd=277&cisv=r20221207.12046&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 01:09:52 GMT

GET
H3 200 kapsel75.png
s0.2mdn.net/sadbundle/4095438321315498643/images/ Frame 3416 4 KB
4 KB 54ms
54ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/images/kapsel75.png

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9993912d3b5ba3ac5c8662d54428458c6a00ce001ea1c179def6d3fe6c3e45f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3988
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H3 200 machine250silver.png
s0.2mdn.net/sadbundle/4095438321315498643/images/ Frame 3416 29 KB
29 KB 54ms
54ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/images/machine250silver.png

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b359e6245000ade04dafbef2e6075319d92057aac9547c2d6d9e37e296a70c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29483
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 166ms
59ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Dec 2022 01:09:52 GMT

GET
H3 200 package140.png
s0.2mdn.net/sadbundle/4095438321315498643/images/ Frame 3416 12 KB
12 KB 54ms
54ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/images/package140.png

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6746a9c24952c674339bee15c931fe98677dfd627a2f4916701b2b59376fb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12485
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H3 200 texture600.jpg
s0.2mdn.net/sadbundle/4095438321315498643/images/ Frame 3416 43 KB
43 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/images/texture600.jpg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880620a7585e7391c2d6049166ba8bffd02e39a9d4c506900cb8dbb993ef51b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43755
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H3 200 charter.woff2
s0.2mdn.net/sadbundle/4095438321315498643/ Frame 3416 53 KB
53 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4095438321315498643/charter.woff2

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4095438321315498643/index.html
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:04:20 GMT
x-content-type-options: nosniff
age: 227132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54205
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:37:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:04:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3416 15 KB
15 KB 173ms
57ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 449252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FCD 42 B
64 B 215ms
100ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-mUn7DPH9cGNZ7pjDIuO_IIzllkT0YlquqEW6Hdysua52YgueUMCNkgz7hwfjAxKeVXjznBcgB44O3IicujZm0gQ1dwssDgwvRhl9_SEPMCZSM1P7bMaFJ7itfhkZAGI0OcvtHA&sai=AMfl-YS5v5JyeItMM-Fv4udOagE02WawSzKAy0lzZZfUm5ns5sJ9cMkD6gTNfWTbt5YtZyG6swizKPZNlKAWGIFzZdYDZHprHDls9wgBueOtUkbMvzVVVA8ScaJBcbtyhtU&sig=Cg0ArKJSzLZdI_NfnW6OEAE&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&id=lidar2&mcvt=1000&p=1110,315,1200,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3757304322&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671066591081&rpt=517&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95F3 42 B
64 B 189ms
98ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN_KR-tOAN8RQerSv6G7HvtDKALZV_fPHHC6e8Hkk1WxKGbKmpnva3P3twfnQZANY_1ayRfNZ8BNdOl_LTwOx4lh-lm52U42IPKM6TQt1Nk6LqYHWsGZZ5wi2Gv-txnZHCHzLh-Q&sai=AMfl-YScw4g9nbpJjt0fD9hiSc0a170DXOFUi4J3JzqWleVhC9eO09fEttRql6Vr6MxOLn4ptNQRK6zQJp_yVlwOOR2llkb02yM6xbXh_WYITtFRI312jy8Kla635qJoEv0&sig=Cg0ArKJSzOy8OYmF06c5EAE&cid=CAQSPADq26N9lJLg7VxNs-dSZz-4U8NPiILjgHDY43R8_Yjh_trA_iLaFPp_G6aoUr8Tvk9n-qLA9FLgYeS-OBgBIBM&id=lidar2&mcvt=1000&p=40,315,130,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1472868681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671066590889&rpt=743&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 171ms
56ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://buhgalter.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 15 Dec 2022 01:09:52 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 388278
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=EYCf1HxCYjJDemJneVg3eTU4MHAvZ29pNGRXeXFEU0JPOTZxVEU1dkg2UGQ0VXpESE5lUG9HakZTVm5CTEZISDhjcDJqVlNrK1NUci9zbFEyWHMyWE5Qemd0RnJtdklOTzFDZzNvWVNlclNzTm02SDcwbUt4V1dWeHlaVS...

354 B
661 B

177ms
58ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EYCf1HxCYjJDemJneVg3eTU4MHAvZ29pNGRXeXFEU0JPOTZxVEU1dkg2UGQ0VXpESE5lUG9HakZTVm5CTEZISDhjcDJqVlNrK1NUci9zbFEyWHMyWE5Qemd0RnJtdklOTzFDZzNvWVNlclNzTm02SDcwbUt4V1dWeHlaVS85c1JWSFhRWkx4dGYrOFN1SVE5OTNsZjQ0d2dXdmZhU1UwWlFrYUJkbE5MdzdrTTUwTHUvWFkxTDZBSy9SSEtGK2ZLTllzRk5yT1p5T1hxR0lGaDFKTjN0YjZ4aVJyTkczYXZTQXZoK0hmSlNObnJxWTJzPXw&cppv=2

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

973b96bdde304fd414a6cae991ed6315474726193cad87d6be4ccb66058e8c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1240897
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=EYCf1HxCYjJDemJneVg3eTU4MHAvZ29pNGRXeXFEU0JPOTZxVEU1dkg2UGQ0VXpESE5lUG9HakZTVm5CTEZISDhjcDJqVlNrK1NUci9zbFEyWHMyWE5Qemd0RnJtdklOTzFDZzNvWVNlclNzTm02SDcwbUt4V1dWeHlaVS85c1JWSFhRWkx4dGYrOFN1SVE5OTNsZjQ0d2dXdmZhU1UwWlFrYUJkbE5MdzdrTTUwTHUvWFkxTDZBSy9SSEtGK2ZLTllzRk5yT1p5T1hxR0lGaDFKTjN0YjZ4aVJyTkczYXZTQXZoK0hmSlNObnJxWTJzPXw&cppv=2
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 513577
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
545 B 187ms
62ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AFD3 15 KB
6 KB 172ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=48371
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 15 Dec 2022 14:36:04 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2C57 3 KB
2 KB 156ms
51ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 97
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 779b4be18fe8250e-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: Thu, 15 Dec 2022 05:09:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CFD5 281 B
554 B 207ms
54ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Dec 2022 01:09:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 0156 22 KB
8 KB 185ms
68ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

47f6ea42aec2a15bc8de33071b9b54dededd42a35849a37841122af7ca327bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8185
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: Sat, 17 Dec 2022 01:09:53 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 / Show response
spl.zeotap.com/ Frame 60C7 9 KB
2 KB 160ms
59ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5009c32004b280754d4a909be757efbf8c43ff9df959a651beb7e7cce9e0510

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://buhgalter.com.ua
cf-cache-status: DYNAMIC
cf-ray: 779b4be188db71e1-LHR
content-encoding: br
content-type: text/html
date: Thu, 15 Dec 2022 01:09:53 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037

0
404 B

190ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:53 GMT
Server: Adtelligent
Etag: 39ceda586c0ef01b
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f911df3a-fde1-472d-98a3-9fd51c9b7037
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=04d829f4-4230-497d-a318-8bb385a64aad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=04d829f4-4230-497d-a318-8bb385a64aad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemed...
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=

43 B
145 B

63ms
60ms

Image
image/gif

18.158.138.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 18.158.138.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-138-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame DE70 2 KB
1 KB 131ms
83ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9daa92ef2651df72b0c61caf98903a6521a91e95acae8bebf8630f4aa5fa3

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 779b4be23a607488-LHR
content-encoding: br
content-type: text/html
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEGr1lp2OTShHhuw4BTHUmqNTjG0ek82ql6r9HEUm3mcwMY67Yr8G0FrII5Z6q%2BiOaPokE7L5klNykQME6i62I4jODnxUpQXPd7SlLCqNkpJcQl8cFX%2B6%2FBSSKkTm8N4iIGwESSUFw9AlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 60C7 0
0 55ms
55ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 60C7 170 B
188 B 68ms
67ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=0032f070-bd52-47d6-9fd5-539a3e23b76c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7...

95 B
152 B

60ms
57ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=0032f070-bd52-47d6-9fd5-539a3e23b76c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be3399871e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=0032f070-bd52-47d6-9fd5-539a3e23b76c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 60C7 0
331 B 280ms
72ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 60C7 70 B
265 B 184ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 60C7 0
166 B 152ms
51ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1671066594.710735,VS0,VE8
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy-eglc8600049-LCY

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 60C7 0
411 B 600ms
129ms Image
text/html 2600:1f16:e61:3f01:9802:108e:78ba:29ea

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f01:9802:108e:78ba:29ea -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 60C7 0
166 B 341ms
58ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064e9932-3f55-42d0-7d35-1765ffd6a85c%26reqId%3Dc8c10f56-8495-4ae7-51f6-d0824dda76f2%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Dec 2022 01:09:52 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=136...
https://mwzeom.zeotap.com/mw?cid=7a7e4350-f5da-4649-b2cd-a578c3daaf6a&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

58ms
58ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7a7e4350-f5da-4649-b2cd-a578c3daaf6a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be3da0571e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=7a7e4350-f5da-4649-b2cd-a578c3daaf6a&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=25072404297636441812359700926046217577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-...

95 B
152 B

59ms
59ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=25072404297636441812359700926046217577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be3fa0e71e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: d5lQ2AkKSOM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=25072404297636441812359700926046217577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 60C7 0
324 B 254ms
59ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=064e9932-3f55-42d0-7d35-1765ffd6a85c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022121502-73311-0.851714001671066593-ba38aed38c2bd308df567db09e555af0&zdid=533&env=mWeb

95 B
152 B

55ms
55ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022121502-73311-0.851714001671066593-ba38aed38c2bd308df567db09e555af0&zdid=533&env=mWeb
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be3ea0d71e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022121502-73311-0.851714001671066593-ba38aed38c2bd308df567db09e555af0&zdid=533&env=mWeb
Date: Thu, 15 Dec 2022 01:09:53 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7177176366390769809&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-...

95 B
152 B

56ms
56ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7177176366390769809&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be389bb71e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7177176366390769809&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Date: Thu, 15 Dec 2022 01:09:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 60C7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c

95 B
122 B

112ms
68ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=064e9932-3f55-42d0-7d35-1765ffd6a85c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=064e9932-3f55-42d0-7d35-1765ffd6a85c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=064e9932-3f55-42d0-7d35-1765ffd6a85c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=4cJ8T4ojxz1Q8Snhawi77e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4a...

95 B
152 B

59ms
58ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=4cJ8T4ojxz1Q8Snhawi77e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be55ab971e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
last-modified: Thu, 15 Dec 2022 01:09:54 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=4cJ8T4ojxz1Q8Snhawi77e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 60C7 0
84 B 213ms
60ms Image
text/plain 185.15.245.81
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2 404 tpid=064e9932-3f55-42d0-7d35-1765ffd6a85c
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 60C7 49 B
265 B 180ms
55ms Image
image/gif 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=064e9932-3f55-42d0-7d35-1765ffd6a85c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.25
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-V7py4U5E2oo1LJKzavclVLdbVHC0et.NWQ--~A&zpartnerid=570&env=mWeb

95 B
152 B

57ms
57ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-V7py4U5E2oo1LJKzavclVLdbVHC0et.NWQ--~A&zpartnerid=570&env=mWeb
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be58ad671e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-V7py4U5E2oo1LJKzavclVLdbVHC0et.NWQ--~A&zpartnerid=570&env=mWeb
date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBytcCMETCdVXJeD3L%2BmV8Iq%2BS41iYitP1U%3D

95 B
175 B

58ms
55ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBytcCMETCdVXJeD3L%2BmV8Iq%2BS41iYitP1U%3D
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be53aa771e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBytcCMETCdVXJeD3L%2BmV8Iq%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H3 200 v2
odr.mookie1.com/t/ Frame 60C7 43 B
61 B 125ms
63ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=064e9932-3f55-42d0-7d35-1765ffd6a85c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 60C7 0
338 B 170ms
56ms Image
text/plain 54.77.217.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.217.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-217-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Thu, 15 Dec 2022 01:09:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1671066594
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 60C7 95 B
361 B 189ms
61ms Image
image/png 138.201.8.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.8.249 Lohkirchen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.249.8.201.138.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Thu, 15 Dec 2022 01:09:54 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5pz3wADgMfYFgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d08...

95 B
152 B

60ms
60ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5pz3wADgMfYFgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be2f98471e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-hhn-etou8220069-HHN
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671066594.621064,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5pz3wADgMfYFgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=4d2e639a-73e2-4800-888b-f96db2ec618c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f5...

95 B
152 B

55ms
55ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=4d2e639a-73e2-4800-888b-f96db2ec618c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be61b1a71e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 15 Dec 2022 01:09:54 GMT
Server: MT3 224 5671b77 master iad-pixel-x17 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?cid=4d2e639a-73e2-4800-888b-f96db2ec618c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 15 Dec 2022 01:09:53 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 60C7
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda...

0
337 B

56ms
55ms

Image
text/plain

54.77.217.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 54.77.217.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-217-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 15 Dec 2022 01:09:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=69 t=1671066594
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
date: Thu, 15 Dec 2022 01:09:54 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 60C7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d3...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d3...

43 B
568 B

58ms
58ms

Image
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&dcc=t

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

HTTP/1.1

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WQA8Y7313E8B1SCJ82G0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DRM766Y5P4HXFS3896K1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=064e9932-3f55-42d0-7d35-1765ffd6a85c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 60C7 0
145 B 374ms
234ms Image
text/plain 2.23.197.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=064e9932-3f55-42d0-7d35-1765ffd6a85c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D064...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361

95 B
152 B

56ms
56ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be67b4971e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
date: Thu, 15 Dec 2022 01:09:54 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=064e9932-3f55-42d0-7d35-1765ffd6a85c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6...
https://mwzeom.zeotap.com/mw?cid=LBODWH56-1K-1J9U&env=mWeb&zpartnerid=1770&gdpr=1

95 B
152 B

60ms
59ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=LBODWH56-1K-1J9U&env=mWeb&zpartnerid=1770&gdpr=1
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be5dafb71e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LBODWH56-1K-1J9U&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C7
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=064e9932-3f55-42d0-7d35-1765ffd6a85c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
https://mwzeom.zeotap.com/mw?cid=04d829f4-4230-497d-a318-8bb385a64aad&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f5...

95 B
163 B

75ms
66ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=04d829f4-4230-497d-a318-8bb385a64aad&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be2895171e1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=04d829f4-4230-497d-a318-8bb385a64aad&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 60C7 95 B
152 B 57ms
57ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be58ad771e1-LHR
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 60C7 557 B
469 B 61ms
59ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b64576871c35fe8b7bbbc8a8a95c8187c2ad14f33084bd7faf49eac76a6d01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 779b4be2191671e1-LHR
access-control-allow-headers: *

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 189ms
59ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

ce4e5de3c5b84cdfa380f0035885f189f42601ed56c02cfce5a9036ea8950add

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AFD3 5 KB
6 KB 335ms
59ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5985606&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9c0f53c52e53fab2e2a462466c466fbcbcccea344c93c001a071189f5585d0ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CFD5 34 KB
10 KB 54ms
54ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ca40af5b7af04cf167937b617182b5d05d3573a6decb868581a9f76979bd2b9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 01:09:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Dec 2022 13:14:04 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43374
Connection: keep-alive
Content-Length: 10065
Expires: Thu, 15 Dec 2022 13:12:47 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame 60C7 0
0 60ms
58ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 779b4be2895071e1-LHR
date: Thu, 15 Dec 2022 01:09:53 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame DE70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1

43 B
846 B

76ms
76ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR4WYg3P3CQdclrcfg2gJ1BRtp8%2FphaXiz3yO6eSGJ1LJxEVRRaEgTziTil%2FOw7OiQWx9KnkNqJoagPyL3f4WLCKMORqCFTp4ZKIS8S2Hbk%2FVwUj6EJfTF346RVfQDM%2FMViYk0c%2FWEBbkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 779b4be33aca7488-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIpVOVbrE_oTfkyJR8Qb0nM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DE70
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&dcc=t

43 B
855 B

139ms
139ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MV4112CCXC0XVP659E32
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PZC68J0J71QC0FVACHGQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5pz32lSShwiiuUtlx-O-gAADTgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DE70 70 B
264 B 60ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DE70
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1092344996700675478

43 B
766 B

165ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1092344996700675478
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:53 GMT
AN-X-Request-Uuid: ac084d63-12ad-46d5-ae17-b38407aaa13d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1092344996700675478
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame DE70
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1092344996700675478

43 B
875 B

225ms
108ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1092344996700675478
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAdDI%2B2qspYB%2BoxMb2igW0F2mAQP98TXg7LIB1iJ1EbS8GrkenDa%2FSZSZjOfuS%2BNa3HAJ0RjSSFfOhzSgfPg4%2Fbo0Ura2fugJEyusYNVhy5hlyZMlmQP7VQGeL6D7QCh4q3HzgYw"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 779b4be3e83823dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:53 GMT
AN-X-Request-Uuid: 48401ec2-10ec-43f3-8496-418ae3df7d7a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1092344996700675478
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DE70
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686791393&external_user_id=e27221f6-c1b9-44e6-9f4e-333d974a109c

43 B
766 B

115ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686791393&external_user_id=e27221f6-c1b9-44e6-9f4e-333d974a109c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686791393&external_user_id=e27221f6-c1b9-44e6-9f4e-333d974a109c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

rum
dsum.casalemedia.com/ Frame DE70
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
https://x.bidswitch.net/sync?dsp_id=59&user_id=01c3473b-bd41-4117-b860-63fb96660b83&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&us_privacy=

43 B
873 B

126ms
78ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ubwjR%2BYAH9Y0q%2BrepBKEue1X6JmDgBi81jFMKYbXhvQ33mVv1EIFMnlX4F66GRM6IEQEpYOqxx7HasicEzMMqrfYp1sL%2BDW7sdMuMmsCxdv7M1qHGp%2BO%2BBCiN7Y%2BqLtoYRRmEbU"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 779b4be578f07725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 15 Dec 2022 01:09:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 bridge
cm.adgrx.com/ Frame DE70 43 B
283 B 179ms
50ms Image
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-10
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame DE70 43 B
352 B 155ms
50ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y5pz32lSShwiiuUtlx.O.gAA%263384
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 9656
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 779b4be37cdcdd77-LHR
content-length: 43
expires: Fri, 16 Dec 2022 01:09:53 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 201ms
65ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 306345
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
626 B 179ms
61ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19341/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

5248fa8a8873f2a208e8934e4c9e6b89d9b9e2d4ca58a7dcddc081830899602a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Thu, 15 Dec 2022 01:09:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CFD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECZZV2F_Vd_t8u0vVNcaLf0&google_cver=1

0
239 B

224ms
54ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECZZV2F_Vd_t8u0vVNcaLf0&google_cver=1
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECZZV2F_Vd_t8u0vVNcaLf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFD5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPRFdINTYtMUstMUo5VQ==&gdpr=0

170 B
188 B

69ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPRFdINTYtMUstMUo5VQ==&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPRFdINTYtMUstMUo5VQ==&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CFD5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBODWH56-1K-1J9U&gdpr=0

0
708 B

294ms
171ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBODWH56-1K-1J9U&gdpr=0
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DB98B9C488F54D9BA8DD7F1156D6F8DD Ref B: FRAEDGE1119 Ref C: 2022-12-15T01:09:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXv04K+nlSazCVCi0s+Vw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBODWH56-1K-1J9U&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CFD5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_vMwHWymRb-80gUWDO-n8g&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_vMwHWymRb-80gUWDO-n8g&gdpr=0

43 B
479 B

132ms
132ms

Image
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_vMwHWymRb-80gUWDO-n8g&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

HTTP/1.1

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S6HY2XVABF48QCS7G4YY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_vMwHWymRb-80gUWDO-n8g&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFD5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTljMjg1Mzg2MzJmYmZiNjI3Mzg2M2JlNWEzZTJkOGNmYjk1NTA4YQ&gdpr=0

170 B
188 B

69ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTljMjg1Mzg2MzJmYmZiNjI3Mzg2M2JlNWEzZTJkOGNmYjk1NTA4YQ&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTljMjg1Mzg2MzJmYmZiNjI3Mzg2M2JlNWEzZTJkOGNmYjk1NTA4YQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame CFD5 70 B
264 B 56ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CFD5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/CuVpPbDwTIozQFU0UweF58n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_ryKoFE2oI5Fod8KHoX4dWUoMRAugAS3k.jnQ--~A

0
239 B

55ms
54ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_ryKoFE2oI5Fod8KHoX4dWUoMRAugAS3k.jnQ--~A
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_ryKoFE2oI5Fod8KHoX4dWUoMRAugAS3k.jnQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CFD5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uKTM9hiKSdi5lJPMnCv-8g&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKTM9hiKSdi5lJPMnCv-8g&gdpr=0

43 B
479 B

123ms
123ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKTM9hiKSdi5lJPMnCv-8g&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D61XKEAQG0P564DQG2ZW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKTM9hiKSdi5lJPMnCv-8g&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 159E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f808639a-73e2-4f00-912a-46dbf885b260&gdpr=0&gdpr_consent=

42 B
405 B

60ms
59ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f808639a-73e2-4f00-912a-46dbf885b260&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 15 Dec 2022 01:09:54 GMT
Expires: Thu, 15 Dec 2022 01:09:53 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master cdg-pixel-x34 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f808639a-73e2-4f00-912a-46dbf885b260&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1729
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5696810804952334747

42 B
195 B

60ms
59ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5696810804952334747
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5696810804952334747
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 431E 43 B
363 B 191ms
63ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: Thu, 15 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 515861
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame B25E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

231ms
211ms

Document
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 15 Dec 2022 01:09:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FJP854Y2FEHGPAF9DGTW

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 15 Dec 2022 01:09:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: HPVZPEHVN2YXWEGJKENW

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 704A
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent=

568 B
650 B

186ms
59ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:52 GMT
server: nginx

Redirect headers

AN-X-Request-Uuid: 9315538a-c157-4c7b-8a2e-decb73dc369b
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 01:09:53 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

502

Pug Show response
image2.pubmatic.com/AdServer/ Frame B975
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA

568 B
623 B

59ms
59ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 15 Dec 2022 01:09:54 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7DAD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent=

568 B
623 B

182ms
59ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:52 GMT
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 15 Dec 2022 01:09:53 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

rtset
bh.contextweb.com/bh/ Frame F927
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdmJFN0hOT2dBQUNFQlhmV0VOZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEvbE7HNOgAACEBXfWENg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2248455061056628094&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEvbE7HNOgAACEBXfWENg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248455061056628094%26gdpr%3D0%26gdpr_consen...

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C0E6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Jhf9F5nuQKxQoXby6XAzd1LHgis

42 B
298 B

60ms
59ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Jhf9F5nuQKxQoXby6XAzd1LHgis
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 01:09:54 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Jhf9F5nuQKxQoXby6XAzd1LHgis

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5B41
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent=

568 B
623 B

177ms
60ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 01:09:53 GMT
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 15 Dec 2022 01:09:53 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1671066594.979144,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FEC1
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

62ms
62ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 15 Dec 2022 01:09:54 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H3 200 i.match Show response
a.tribalfusion.com/ Frame 2AA0 43 B
664 B 242ms
193ms Document
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 779b4be49e052402-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame B914 43 B
282 B 66ms
49ms Document
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Thu, 15 Dec 2022 01:09:53 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-10

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8B9F
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=501187715

70 B
264 B

54ms
54ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=501187715
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 15 Dec 2022 01:09:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Thu, 15 Dec 2022 01:09:54 GMT
etag: RXfc43c8e52e98428082430b83583ac071003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=501187715
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 3AA5 43 B
277 B 319ms
79ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 15 Dec 2022 01:09:54 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-a899d35c57a9@version_1.531
X-core-time: 0ms
X-server-arch: v2

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 0F5E 0
0 197ms
58ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Thu, 15 Dec 2022 01:09:54 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F63D
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=43ee062b59d8e4649865f420f463bce2&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaUMYnTQYaRXTXWUX

42 B
202 B

60ms
59ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaUMYnTQYaRXTXWUX
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaUMYnTQYaRXTXWUX

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AFD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0FAWGyL6SrqKNlaNDZoo7w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

55ms
55ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=48370
accept-ranges: bytes
content-length: 5549
expires: Thu, 15 Dec 2022 14:36:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame AFD3 95 B
170 B 70ms
54ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D050161B-22FA-4ABA-8A36-568D0D9A28EF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 779b4be46a3f71e1-LHR
access-control-allow-headers: *
content-length: 95

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame AFD3 49 B
266 B 180ms
54ms Image
image/gif 54.75.190.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.119
content-length: 49
expires: 0

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame AFD3
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D050161B-22FA-4ABA-8A36-568D0D9A28EF

0
16 B

65ms
65ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D050161B-22FA-4ABA-8A36-568D0D9A28EF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
via: 1.1 google
last-modified: Thu, 15 Dec 2022 01:09:54 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D050161B-22FA-4ABA-8A36-568D0D9A28EF
date: Thu, 15 Dec 2022 01:09:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDA1MDE2MUItMjJGQS00QUJBLThBMzYtNTY4RDBEOUEyOEVG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

180ms
61ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF8wlaZzFRnUZ7lMpQM-kfM&google_cver=1

42 B
522 B

179ms
59ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF8wlaZzFRnUZ7lMpQM-kfM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF8wlaZzFRnUZ7lMpQM-kfM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame AFD3 43 B
610 B 187ms
56ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 14 Dec 2022 01:09:54 GMT

GET
H2

502

Pug
simage2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5702126016313188058

0
0

59ms
59ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5702126016313188058
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5702126016313188058
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AFD3 70 B
264 B 68ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5f67e7ce-0003-4c94-96f8-a167bf46eae7&bsw_param=04d829f4-4230-497d-a318-8bb385a64aad&expires=10
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&gdpr_pd=

1 B
166 B

59ms
59ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04d829f4-4230-497d-a318-8bb385a64aad&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 15 Dec 2022 01:09:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 D050161B-22FA-4ABA-8A36-568D0D9A28EF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AFD3 43 B
425 B 291ms
57ms Image
image/gif 2a05:d018:d29:3601:a85c:a571:e676:b675

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D050161B-22FA-4ABA-8A36-568D0D9A28EF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:a85c:a571:e676:b675 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFylmRhE2uU.8eh3Of7JfoKrEpD7GOM-~A&gdpr=0&gdpr_consent=

0
260 B

342ms
55ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFylmRhE2uU.8eh3Of7JfoKrEpD7GOM-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AFylmRhE2uU.8eh3Of7JfoKrEpD7GOM-~A&gdpr=0&gdpr_consent=
date: Thu, 15 Dec 2022 01:09:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame AFD3 0
103 B 71ms
48ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=572c99e9-eb15-4896-adcb-cbb5e4187260-639a73e2-4348&gdpr=0&gdpr_consent=

42 B
309 B

60ms
59ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=572c99e9-eb15-4896-adcb-cbb5e4187260-639a73e2-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 01:09:54 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=572c99e9-eb15-4896-adcb-cbb5e4187260-639a73e2-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

502

Pug
simage2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7994457265435861948&gdpr=0&gdpr_consent=&us_privacy=

0
0

131ms
60ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7994457265435861948&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7994457265435861948&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce4e9b25-91bd-4778-a5f6-1a6678b560bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

60ms
59ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce4e9b25-91bd-4778-a5f6-1a6678b560bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ce4e9b25-91bd-4778-a5f6-1a6678b560bb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 15 Dec 2022 01:09:54 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFD3
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1092344996700675478

42 B
95 B

60ms
59ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1092344996700675478
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 01:09:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 01:09:54 GMT
AN-X-Request-Uuid: c4896cde-5767-4e5f-9a46-1859874df89c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1092344996700675478
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEvbE7HNOgAACEBXfWENg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2248455061056628094%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhgalter.com.ua/	1970-01-20 08:54:18	Name: leads Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-12-15%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%222770217c-5ec1-4711-90fb-2eeaf0879006%22%3B%7D%7D%7D
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: RvOKUTN Value: 1
.buhgalter.com.ua/	1970-01-20 17:47:06	Name: __fp2_f2 Value: e8nPb7FA445qzF2xayzeMfsqwzprJsHp
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: fAg3fA6 Value: 1
.buhgalter.com.ua/	1970-01-20 17:47:06	Name: _faguid Value: e8nPb7FA445qzF2xayzeMfsqwzprJsHp
buhgalter.com.ua/	1970-01-20 08:15:25	Name: __factor_utm Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
buhgalter.com.ua/	1969-12-31 23:59:59	Name: pageCount Value: 2
.buhgalter.com.ua/	1970-01-20 17:47:06	Name: _ga_6VVQ37Y1T2 Value: GS1.1.1671066589.1.0.1671066589.60.0.0
.buhgalter.com.ua/	1970-01-20 17:47:06	Name: _ga Value: GA1.3.245198460.1671066589
.buhgalter.com.ua/	1970-01-20 08:12:32	Name: _gid Value: GA1.3.1857449955.1671066590
.buhgalter.com.ua/	1970-01-20 08:11:06	Name: _gat_gtag_UA_35985798_1 Value: 1
.buhgalter.com.ua/	1970-01-20 08:11:06	Name: _gat_UA-53572572-5 Value: 1
.buhgalter.com.ua/	1970-01-20 08:11:06	Name: _gat_UA-35985798-1 Value: 1
buhgalter.com.ua/	1970-01-20 17:47:06	Name: cbtYmTName Value: 06jxurfx6fGxt7bj6uPrsOfj5bDg6+u18a7s
buhgalter.com.ua/	1970-01-20 08:54:18	Name: _pbjs_userid_consent_data Value: 2024371239917068
.buhgalter.com.ua/	1970-01-20 16:56:42	Name: _pubcid Value: e3415b79-cd05-4e4b-84d3-010ed87fe589
.buhgalter.com.ua/	1970-01-20 10:20:42	Name: _fbp Value: fb.2.1671066589833.1470394213
loadercdn.net/	1970-01-20 17:47:06	Name: vui Value: bbb8e39823f54c319817a848e4ed6bb5
.doubleclick.net/	1970-01-20 17:32:42	Name: IDE Value: AHWqTUntGUdgk5mDtAeasS8Xrra17GRGekeCQlwDosWPiFx1XlGpbvGTQj5nSzfdcVQ
.buhgalter.com.ua/	1970-01-20 17:32:42	Name: __gads Value: ID=9d9abc8fd40be364:T=1671066589:S=ALNI_MZtqx8GguZ40Ds7aVDa11jq2KoV6Q
.buhgalter.com.ua/	1970-01-20 17:32:42	Name: __gpi Value: UID=00000b92a543bd03:T=1671066589:RT=1671066589:S=ALNI_MZ46AxNaeYTwK0lM9cwxcudp8anHQ
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
a4p.adpartner.pro/	1970-01-20 09:37:30	Name: apuid Value: f911df3a-fde1-472d-98a3-9fd51c9b7037
.e-planning.net/	1970-01-20 17:47:06	Name: E Value: AGLwE/e-0tNyf4N2
.rubiconproject.com/	1970-01-20 16:56:42	Name: khaos Value: LBODWH56-1K-1J9U
.rubiconproject.com/	1970-01-20 16:56:42	Name: audit Value: 1\|hLZGFuTafB0rBpheJRRrFK2qEsFCZ0ctSdOhPT1GMTmePzsaxN2h5sKy8NJVoxQUe8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3DwdQPoJZYLSma+WVcS1g3g==
.adtelligent.com/	1970-01-20 09:40:23	Name: vmuid Value: 39ceda586c0ef01b
.adtelligent.com/	1970-01-20 09:40:23	Name: a307558 Value: f911df3a-fde1-472d-98a3-9fd51c9b7037
.adnxs.com/	1970-01-20 10:20:42	Name: uuid2 Value: 1092344996700675478
.adnxs.com/	1970-01-20 10:20:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVw<oN6!]tbPl1M>e)ZlrFUfJ+tGXxoXazHS3J/D^GXx)pd8`uLqUK9[mc?3c43FbU53If)y3KL9D3I?+Ia2(
.casalemedia.com/	1970-01-20 10:20:42	Name: CMPRO Value: 3384
.casalemedia.com/	1970-01-20 16:56:42	Name: CMID Value: Y5pz32lSShwiiuUtlx.O.gAA
.casalemedia.com/	1970-01-20 10:20:42	Name: CMPS Value: 3384
.bidswitch.net/	1970-01-20 16:56:42	Name: tuuid Value: 04d829f4-4230-497d-a318-8bb385a64aad
.bidswitch.net/	1970-01-20 16:56:42	Name: c Value: 1671066591
.bidswitch.net/	1970-01-20 16:56:42	Name: tuuid_lu Value: 1671066591
.lijit.com/	1970-01-20 16:56:42	Name: ljt_reader Value: F0UlCGZHxdQjbuqIQzyIGmoa
.turn.com/	1970-01-20 12:30:18	Name: uid Value: 7994457265435861948
.everesttech.net/	1970-01-20 16:56:42	Name: everest_g_v2 Value: g_surferid~Y5pz3wADgMfYFgAe
.targeting.unrulymedia.com/	1970-01-20 16:56:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003%22%7D
.zeotap.com/	1970-01-20 16:56:42	Name: zc Value: 064e9932-3f55-42d0-7d35-1765ffd6a85c
.zeotap.com/	1970-01-20 08:12:32	Name: zsc Value: Z%94%0A%0B%B0l%B4%01D%02S%CE%0Cm%E5%AF%08%C4%85%BBt%C6r%98P%B9%23%F5%3C%D7%12%D2%1An%FEnx%D9%26%B8%E7g5Xg~a%B7%3A%AB%91%DB%DA%F6q%3C%C1%0B%C8%FCf%F9%97%B1%F6%28d%EF%11%12%81%AD%E5%D1%09%E3%AC%BE%9D%B3%92%3E%02L%CBH%F4%EC%CA%DA%0A%06%A5%FFT%2B%90%DDa%19%0A%E7%3F%99%BF%CBi.%7B%7F%B5%BBk%BA%EDj3%8EI%08%17%EE%90%11%81%9BA%86%F7%BD%15%BDfy%60s%BASK%13%F8%8FH%1B%AF%2A%D3A%FB%0E8%F0~jqzo%C0%04%BB7Z%D26%F0%24%05%88L
.ads.pubmatic.com/	1970-01-20 08:12:32	Name: KCCH Value: YES
.tapad.com/	1970-01-20 09:37:30	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 09:37:30	Name: TapAd_TS Value: 1671066593626
.tapad.com/	1970-01-20 09:37:30	Name: TapAd_DID Value: ddc814b6-26d8-44b7-a626-aa3ca31b3456
.adfarm1.adition.com/	1970-01-20 10:20:42	Name: UserID1 Value: 7177176366390769809
.tidaltv.com/	1970-01-20 16:56:42	Name: tidal_ttid Value: 7a7e4350-f5da-4649-b2cd-a578c3daaf6a
.demdex.net/	1970-01-20 12:30:18	Name: demdex Value: 25072404297636441812359700926046217577
.tidaltv.com/	1970-01-20 16:56:42	Name: sync-his Value: "H4sIAAAAAAAAADM0NjY2sjK0MAIAks/ycQkAAAA="
.dpm.demdex.net/	1970-01-20 12:30:18	Name: dpm Value: 25072404297636441812359700926046217577
.weborama.fr/	1970-01-20 17:37:01	Name: AFFICHE_W Value: -RBYNa@fQFn913
.pubmatic.com/	1970-01-20 16:56:42	Name: KADUSERCOOKIE Value: D050161B-22FA-4ABA-8A36-568D0D9A28EF
.pubmatic.com/	1970-01-20 10:20:42	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 08:12:32	Name: pi Value: 156813:2
.pubmatic.com/	1970-01-20 10:20:42	Name: DPSync3 Value: 1672272000%3A201_227_245_241
.pubmatic.com/	1970-01-20 10:20:42	Name: SyncRTB3 Value: 1672272000%3A71_243_251_204_7_3_166_55_165_21_56_99_233_176_22_81_88_13_238_161_8_220_234_54%7C1672358400%3A35%7C1671926400%3A63%7C1671667200%3A2_15_223%7C1673654400%3A203
ads.avct.cloud/	1970-01-20 16:56:42	Name: uuid Value: 01c3473b-bd41-4117-b860-63fb96660b83
.company-target.com/	1970-01-20 17:47:06	Name: tuuid Value: e27221f6-c1b9-44e6-9f4e-333d974a109c
.company-target.com/	1970-01-20 17:47:06	Name: tuuid_lu Value: 1671066593
.adform.net/	1970-01-20 08:55:44	Name: C Value: 1
.agkn.com/	1970-01-20 16:56:42	Name: ab Value: 0001%3AOfwnaUemEMJcdPDR0LRrk32NuOkxOHvd
.krxd.net/	1970-01-20 12:30:18	Name: _kuid_ Value: PQh8mJXW
.richaudience.com/	1970-01-20 10:20:42	Name: avcid-zeo-uid Value: 064e9932-3f55-42d0-7d35-1765ffd6a85c
.adform.net/	1970-01-20 09:37:30	Name: uid Value: 5702126016313188058
.1rx.io/	1970-01-20 16:56:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fc43c8e5-2e98-4280-8243-0b83583ac071-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.simpli.fi/	1970-01-20 16:58:08	Name: suid Value: 75EE28172D8447B3AAB03C7AC48710CA
.yahoo.com/	1970-01-20 16:57:04	Name: A3 Value: d=AQABBOJzmmMCEGoJdYpeRGIXDD42OUdWQp0FEgEBAQHFm2OkYwAAAAAA_eMAAA&S=AQAAAtTjhe3sUr6osLcnWN7C-lU
.buhgalter.com.ua/	1970-01-20 17:32:42	Name: cto_bundle Value: xWSoFl9HQ3h0cjltamU3SVQ0cWFUSjVZNmpmNjVybVlOJTJCajN5TnpLZHhpVENwaW1ESHZtSnA5MHhjZVJUdzVyNm84cFp5UVYxb1Yybk1NbXVvaVJPeVVVd3FYamVqeVdBb2kzJTJCb1dndFgyeUpkNkUza3FPRk9lOFROeXhuTW1LRmU1ZWw
.buhgalter.com.ua/	1970-01-20 17:32:42	Name: cto_bidid Value: p-NxMl9iSVlQM3ZvVWhIUWFnWUtRY1N4WkxtdzclMkZzMGIyJTJGb3pzbG9MYnZBb1FjYVlOM29Ua091ajJiQm1wa0pWU3U0QmI2OHJ3Y1lraFRKUDFndXpyVEV5SnclM0QlM0Q
.sitescout.com/	1970-01-20 16:56:42	Name: ssi Value: 572c99e9-eb15-4896-adcb-cbb5e4187260#1671066594116
.quantserve.com/	1970-01-20 10:20:42	Name: d Value: EI8BCwHoJ_ijAA
.quantserve.com/	1970-01-20 17:41:20	Name: mc Value: 639a73e2-1cfcb-0bb77-0d917
.de17a.com/	1970-01-20 16:49:30	Name: guid Value: 1.5696810804952334747
.csync.loopme.me/	1970-01-20 10:20:42	Name: viewer_token Value: ad55b712-bc8e-48d2-b764-39799d49e604
.bidr.io/	1970-01-20 08:11:07	Name: checkForPermission Value: ok
.fwmrm.net/	1970-01-20 12:30:18	Name: _uid Value: "o0f05_7177176370668233298"
.tribalfusion.com/	1970-01-20 10:20:42	Name: ANON_ID Value: asnvJOxZduB7RApTrryFg8E8ZbM1FxSEpq0icSWUjGlthLbR5VYlyTayu76FvkpUw3bbbQZcCOAqaD4YMaAGx1Ag0iD3ZdL7abdEKsI2ueKAnSdvMNOaQEa8lsMW
.amazon-adsystem.com/	1970-01-20 12:56:13	Name: ad-id Value: A5k37FrBsEb0tDxcDuw_wOo\|t
.analytics.yahoo.com/	1970-01-20 16:56:42	Name: IDSYNC Value: "19ah~28up:18z8~28up"
.pubmatic.com/	1970-01-20 10:20:42	Name: KRTBCOOKIE_80 Value: 22987-CAESEF8wlaZzFRnUZ7lMpQM-kfM&KRTB&16514-CAESEF8wlaZzFRnUZ7lMpQM-kfM&KRTB&23025-CAESEF8wlaZzFRnUZ7lMpQM-kfM&KRTB&23386-CAESEF8wlaZzFRnUZ7lMpQM-kfM
.pubmatic.com/	1970-01-20 08:54:18	Name: PugT Value: 1671066593
.sitescout.com/	1970-01-20 08:54:18	Name: _ssuma Value: eyI0NSI6MTY3MTA2NjU5NDE3NX0
ads.playground.xyz/	1970-01-20 08:20:06	Name: connect.sid Value: s%3ANCXh4xVUCHWtCXteGrIUhsJSvZTROfwo.THD17AzPmzK5WmdqxD8RwzpWJqKBCoavpsBkXF3qlRE
.mathtag.com/	1970-01-20 17:37:01	Name: uuid Value: 4d2e639a-73e2-4800-888b-f96db2ec618c
.casalemedia.com/	1970-01-20 10:20:42	Name: CMTS Value: 2132
.adsby.bidtheatre.com/	1970-01-20 08:21:11	Name: __kuid Value: ce4e9b25-91bd-4778-a5f6-1a6678b560bb.440280594
.taptapnetworks.com/	1970-01-20 16:56:42	Name: SONATA_ID Value: csonata_5f67e7ce-0003-4c94-96f8-a167bf46eae7

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 28) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://rtb.gumgum.com/usync/prbds2s?gdpr={&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&gdpr_consent={&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&us_privacy={&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739542%26extuid%3D%24%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=064e9932-3f55-42d0-7d35-1765ffd6a85c&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=064e9932-3f55-42d0-7d35-1765ffd6a85c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D050161B-22FA-4ABA-8A36-568D0D9A28EF&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1092344996700675478&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7994457265435861948&gdpr=0&gdpr_consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177176366390769809&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5pz3wADgMfYFgAe&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5702126016313188058 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=97cBS_a3XRjstVtMouYVGqPmDx3stFwT8LN-aMdA Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=064e9932-3f55-42d0-7d35-1765ffd6a85c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=064e9932-3f55-42d0-7d35-1765ffd6a85c&reqId=c8c10f56-8495-4ae7-51f6-d0824dda76f2&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63660938f67a3637d11923d5813dffce.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.factor.ua
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
buhgalter.com.ua
c1.adform.net
c2shb.ssp.yahoo.com
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsonip.com
lb.eu-1-id5-sync.com
loada.exelator.com
loadercdn.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
region1.analytics.google.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s.zmctrack.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.kiviads.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
bh.contextweb.com
cs.admanmedia.com
104.109.78.125
104.18.33.19
104.18.36.94
13.248.245.213
136.144.183.196
138.201.8.249
141.94.171.213
141.94.240.141
142.250.184.226
142.250.185.226
142.250.186.130
15.197.193.217
151.1.205.165
151.101.2.49
162.19.138.117
162.55.120.196
172.64.154.237
178.250.0.157
178.250.0.163
178.62.202.251
18.158.138.18
18.198.69.109
184.30.20.207
184.30.20.22
185.15.245.81
185.172.90.251
185.184.8.90
185.187.81.40
185.187.81.41
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.80.39.216
185.89.210.180
185.89.211.116
195.5.165.20
198.47.127.20
2.18.233.180
2.23.197.190
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.191.163.208
212.82.100.182
213.155.156.168
213.19.147.45
23.218.209.56
2600:1f16:e61:3f01:9802:108e:78ba:29ea
2600:9000:223f:8c00:1b:5138:8a40:93a1
2602:803:c004:200::140
2606:4700:10::6816:1957
2606:4700::6810:5514
2606:4700::6812:18ad
2606:4700:e2::ac40:840f
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c1b::9d
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::1c
2a02:6ea0:c700::11
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b001:f5c1:a58:c5c6:d8ee
2a05:d018:d29:3601:a85c:a571:e676:b675
2a0c:5c81:5142::2
3.126.56.137
3.220.237.202
3.248.128.187
3.65.214.252
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.149.50.64
34.96.71.22
34.98.67.61
35.157.246.167
35.204.158.49
35.214.223.115
35.227.248.159
37.157.4.28
45.133.44.3
45.79.77.20
51.83.220.94
51.89.9.251
52.18.174.19
52.210.36.224
52.46.155.104
52.57.180.35
52.86.222.203
54.217.130.182
54.229.65.185
54.74.181.165
54.75.190.240
54.77.217.9
62.149.1.122
64.95.96.108
67.220.226.234
69.173.144.165
80.77.87.114
85.114.159.118
95.170.82.90
98.98.134.242
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
067c05e2c7753d239ee78b17453d28e62eea2c94f0bc9a3f79a66260cbc44bd3
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a3e02b46fda4a5716fc628ae07ae1b5661f5b7155282103f0c64d4ba912394a
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1430ea5bee9ada7f0ac31c257d07e39063fa5ef2a2b0dbc8c5bbc59f5b275bae
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
1631fe8086c93e23f9c0fbe009807c6e5c37b3485550469ec2fbc12cdf37209d
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19f6c9e8bd713bf7286b327a846117f7fd9fc83a898664d89335b06dcce67450
1aa31ba22434cb7026165d529ff0d24580e0dafaf3310ecce65bd8785e8142b9
1b5d93c7fde9494b51649178dc37a45611b2578dbe1d7e851077f711cb377154
1c31b93ae89d6a88250940037e9c66ac3007045ed5e421097534ab301a47b031
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb
1d4f265537a0fe0a2d8c8518cb6c450960e8099dbf89a344535f25ccac8ac344
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
208d7670bfbcfbda1c4e41b34ad00bb0f55458ac1e390bfde7f3634129a37178
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d
251ef24a03bbd337691ac5091b17ecaa8ca0f3c3fd7ad895aa86cdd057c9f954
2529114a46f3952987efa80e97724451fc5d840998c44229a286aa7e91760e25
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
25ac498afc5276fa8ec59f6357c58415499286f3dd7e5638ceee497dc46e6fa2
26a3f227747bef076f84745aff171a08badd022bfbe1f74197dbca9bc443354b
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7459cc0f9e8b4c539ebbb3da87f4fb2aadbcc26f12fa542c4156a887fc468d
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e7f8f7928b3e3d000f44bfb363c048fafc63acc19c02dc05345eec924a271b
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
37da347c659368788bc175b4e7a2d04c02d21ce8295dfa6a94ec22e39a16fa5d
38d95de33678eb79a5d7632f0dedc17f54defe0da27cba210acb8916e520f8a1
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3a900e01d0fe1aff657c4bd76b444d95a928d4212f0ca42f93ec2df924353981
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3e721117219198469e6833d133eb0fe938c8de9719567707cd056c8fe498ac9d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef4dab451e8353a9e8c16f22a793e446a8b540d5076c28e6f8cdc16dbb39164
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
40e9daa92ef2651df72b0c61caf98903a6521a91e95acae8bebf8630f4aa5fa3
44730f760642d44ee6e109005f57f7e72d802e872ff66ef86bf9c81a0e8b2bdb
4525487494301ffb0f55f67d2aa50d686f513dcf900c8bf54c35fa5f3fffcd1c
463bfa0e94e1405a4e865713ee334314aa7d4c39fdb4ac12c07134ae35797cd8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f6ea42aec2a15bc8de33071b9b54dededd42a35849a37841122af7ca327bb6
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4add04572e7373a6d6e2f12ab6104d0095d40b254dca097bac3da06fa2ba249c
4b0f35f95fc755a668df4a9a4523b3d1bc4af9e5cd0d625ee25dfb8359e0897f
4b433c028dffa29bd11b814dc7818c0e1ffb5a35e5d06717d8f5d6665903498c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3233a6485acc4ec5fde5863aab9239b6440bf1cf57e458b2307f5f05dcc715
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb180eb069de31197b52541710c9a40f3d060fdfd032dac515efd1ad7b524ef
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5248fa8a8873f2a208e8934e4c9e6b89d9b9e2d4ca58a7dcddc081830899602a
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548380e122d803f48793944b0647688a3ca81ac214f1865ab2c5f54c07bdb4f3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56de3400b5bd516c0c4f1b166e6d15ac0fd56a6fbf69b1d5c41e214b09a7468c
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
57fb8dbf805f4ef6f98ecb285fe1a059799810678c0c589dce03a14c00a6098b
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
5a1b9d6d1b5dc426eab22aeadcfedc4778b00e8c23a11b080ac0aa1b6018f367
5b733c639ef5297518e0114f568394da68c7a86ff1d02fa96a8df46c71a53ed2
5d3c11e85a33eaeb4a97b508eaf47b37b5a6a2b02dcb0a51d073e66987efe795
5d594ba26ee416b204c8a7929d69d39e29630ecb77b3e086d77e0d810bc2083c
5df1c782e6b4c31324e47bf91e7e8084ab9e1ca64f99b74e811e1ee6249d5f47
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
607d0422a5347365b22aef6d939cdac218c2f94d29b151bb45f406e1f5776a3f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
62d2676484e2e6f0f9b3b10c8f12b5d23d73af1494de32cfb6d36da94a698992
63354c29108539d0f4a83da6b7e76c664d7fca30f74b1a897994f1ce1e52e1d3
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
6556bb5bcb9f747306ab57541a8a3c4827df131c381bd1003b950888de5fde82
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
66fd61cb73f512d08cc001e8e0e38fdbf56ed1e3fc309dcf35f63ebb281cd6bc
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6e2665418e0df34ced2de716737db5950a9568a1057d4e8f31e2d2ff3a863ef3
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
71fc757e22b129ab13e9544ee9d197a52cd4e69524302c44f6588b8117ad2fcd
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
76576793bc91f4453395c874e246782c27c68e96e7ba20b97770051bbb05a0c6
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
7753c6ffe72748466fed6e2038cb9a3262861494b5e8ac0de2616b6d4dd04077
775d443b7e2675d3902ca99dc88b89439ad04cef38d641b7b33a3e0626db1174
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7f0d58f8de983038fc2e9611c2a5125438cca28c3f970fe033f15917ad688e16
80c6347d3180d4cae140a9662cb207dd88a30b5cb41e860aa4e3201f1aa61d6d
81176c534052a3626cda2890a500863f570d84e5c4c0535c71c441442e143a37
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e668b64963f64e2024d3aff5c6d69b9c603717cf22d3f001d0011e7641d467
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83523c345859644189806baf5aadeb7c5817c6e351309f472c47e0aa3f152470
83b1d8d20ebfbcaf63853a41a115073a07c52e3d46d8202da03c6f4380761f36
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
880620a7585e7391c2d6049166ba8bffd02e39a9d4c506900cb8dbb993ef51b1
8a82709cbed53757323e79a428da4e82560cd950d67a23bca49ede0801cdbb98
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8deb67254751f43461a98ec68fecb5e540791222bef1d4c6fe182a6e18d3a0e2
8ec634f8aefa36b17286a364f9fcfeec31beffc07a283feda4a200e0e332e6ce
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92f92a1ebc824f2525cb1842c197af9e446817fd691f893de3426995a81f6fd6
937a606b62cd79020f88acd43058ffabf9653ab56eee87f6c1dff4a78a66a130
93b64576871c35fe8b7bbbc8a8a95c8187c2ad14f33084bd7faf49eac76a6d01
93ed0fdfbb18dc96087612576338123c4042c8f2faa0178cb279a10ea54db66e
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
973b96bdde304fd414a6cae991ed6315474726193cad87d6be4ccb66058e8c5b
985b3bfc35b7c9e0a5e686fdd4a251828b4e2599cee09b057167c552a685f319
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
992827ede07d6866de2e1f02fdd6fc5d09040009cbed9474a9c93b53d754f33c
9993912d3b5ba3ac5c8662d54428458c6a00ce001ea1c179def6d3fe6c3e45f4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0f53c52e53fab2e2a462466c466fbcbcccea344c93c001a071189f5585d0ea
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9d3d2dd6ad732e495ac974bd642bb3f1caa6c62b19ea2dae20ede5d7a2fb06cc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
a8550a94685f06ab1aef92ea68d8fe7e47237beb1bb95334f25a4f36463bb809
a8e029e3c59f822df699fa3b2537d29de79b57e05c07abf7c02e86381c18aadf
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8
af3cdf289b70a8a5e93335d93422a5382298d567a49357000d0caee0cdc7d002
afe20a28083424f3ba1db21be7e5b560e56df65d5722ecec0e163abffb442a47
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b08698275b6b0557ca70ae5f736a6c2b37299963d6765add79f7263d6cbf74a1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b332bf092a6ec4e18066cd5474c3b23c6d707287102de240eb9c1bd21ea1a1ac
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b359e6245000ade04dafbef2e6075319d92057aac9547c2d6d9e37e296a70c91
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b69fdfa4e18734db7fededfa6c5c66f51d4a69abbc4c14086904dac3282a82b9
b85d7fa055e8b665569d2d787b707d7a97f2be2d74571a62349a94cbc54a29e4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
becc2f12fc16bcaccd2ab6df5adb333d2001488b3d49423dde53a688d3acc5d5
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c726060f1620cade494fe569028becc09f3b85f736740ed9bf5fe05d43b8d809
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
ca40af5b7af04cf167937b617182b5d05d3573a6decb868581a9f76979bd2b9e
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63
ce4e5de3c5b84cdfa380f0035885f189f42601ed56c02cfce5a9036ea8950add
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d2662a875592496f399e5bf9415226f909a9e0c258c9ca13b17eed409cd78f44
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d6b2aa7cacca20fd34241e7282178408115655af28e7c5f668d33093473d0a58
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
d8ee6435761532684a8d1d79368bfadcc4ebc56c653721a4c2a3e649b69922df
d92d296d6911b11f67b74a7a40064dc8b9e6d28084a25146302969da82721a30
d9e43e7995a86f38fd683b9cd0ad1a12f911969dc1b58c302e95682c89124d61
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c
dd4854435065d48731b98521609df5871811b42678e96969ef0dccdc4432c853
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
dd93828e32c2bb1f749cf9b3744181c7788a3fd20ec69d807a373e2015fae631
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
dfc9e310e3e2c3214a7d741b07c5c0a9bbe19e3aa3fb8371019e09c518aebe62
dff58454aec949f0389c068dddbb9f134997ac75c1d8a673d554bd83534e36d5
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e04a21817c4abe4d43fa4b2858c3e469b5da139742bcd6a6261ad6592f078b23
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4c0f1f5cf1875367cc8b71351f8c98ab96a6eb94dd3143174aec93d16deb57a
e4d808bad95e4317de730ff30cb286cbe71f03a65d49d59b65bfc8c58bbc1ffc
e5009c32004b280754d4a909be757efbf8c43ff9df959a651beb7e7cce9e0510
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
eb590b7254a384bfc0df1b77c5f86bff593451eedfb77ec7e98de0e8f7718d70
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
ee536e5369e815ef105334cd9b44dbd9ad3a9a0f107756a2aa40085075b7dace
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f6746a9c24952c674339bee15c931fe98677dfd627a2f4916701b2b59376fb88
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

buhgalter.com.ua Open in urlscan Pro 136.144.183.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

350 Requests

81 %HTTPS

31 %IPv6

92 Domains

137 Subdomains

93 IPs

13 Countries

2510 kBTransfer

6615 kBSize

88 Cookies

14 Outgoing links

Page URL History

Redirected requests

350 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 83 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Screenshot
Live screenshot

Full Image

350
Requests

81 %
HTTPS

31 %
IPv6

92
Domains

137
Subdomains

93
IPs

13
Countries

2510 kB
Transfer

6615 kB
Size

88
Cookies

350 HTTP transactions
83 data transactions