buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhgalter.com.ua/
Effective URL:
https://buhgalter.com.ua/
Submission: On November 05 via api (November 5th 2022, 1:05:29 am UTC) from GB — Scanned from GB

Summary HTTP 425 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 107 IPs in 14 countries across 98 domains to perform 425 HTTP transactions. The main IP is 136.144.183.196, located in Haarlem, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.

This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	136.144.183.196 136.144.183.196	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
8	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	95.170.82.90 95.170.82.90	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
3	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:3c01::f0... 2600:3c01::f03c:91ff:fe79:43b	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	35.214.236.176 35.214.236.176	15169 (GOOGLE) (GOOGLE)
3 3	3.126.154.37 3.126.154.37	16509 (AMAZON-02) (AMAZON-02)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	209.191.163.210 209.191.163.210	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
10	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 11	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.69.126.235 3.69.126.235	16509 (AMAZON-02) (AMAZON-02)
9	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
36	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
4 7	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	3.67.219.61 3.67.219.61	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
16 35	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
5	2.16.186.35 2.16.186.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
7 8	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
11 13	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	3.73.221.153 3.73.221.153	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.133.145 104.18.133.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	18.194.110.242 18.194.110.242	16509 (AMAZON-02) (AMAZON-02)
1 1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:170... 2a02:26f0:1700:c::1737:6e47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	162.55.233.29 162.55.233.29	24940 (HETZNER-AS) (HETZNER-AS)
1	67.202.105.23 67.202.105.23	() ()
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	18.193.195.35 18.193.195.35	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
7	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 5	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	52.48.137.153 52.48.137.153	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.253 37.157.6.253	198622 () ()
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.6.248 37.157.6.248	198622 () ()
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f16:e61... 2600:1f16:e61:3f01:9802:108e:78ba:29ea	() ()
2 2	2a05:d018:24:... 2a05:d018:24:b002:eb7b:3a65:f7da:a48f	16509 (AMAZON-02) (AMAZON-02)
3 4	34.249.157.182 34.249.157.182	16509 (AMAZON-02) (AMAZON-02)
2 3	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.32.244.82 63.32.244.82	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	54.93.123.108 54.93.123.108	16509 (AMAZON-02) (AMAZON-02)
2	54.220.51.208 54.220.51.208	16509 (AMAZON-02) (AMAZON-02)
4 4	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	108.157.4.25 108.157.4.25	16509 (AMAZON-02) (AMAZON-02)
1 1	52.0.57.188 52.0.57.188	() ()
4 7	52.95.118.179 52.95.118.179	16509 (AMAZON-02) (AMAZON-02)
1 1	63.34.132.59 63.34.132.59	16509 (AMAZON-02) (AMAZON-02)
5 6	37.157.6.246 37.157.6.246	198622 () ()
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	103.229.206.240 103.229.206.240	() ()
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	54.171.64.74 54.171.64.74	16509 (AMAZON-02) (AMAZON-02)
1 1	34.231.120.233 34.231.120.233	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.161.54.172 5.161.54.172	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	141.94.242.206 141.94.242.206	16276 (OVH) (OVH)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
2	99.81.33.254 99.81.33.254	16509 (AMAZON-02) (AMAZON-02)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	63.251.232.165 63.251.232.165	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:1e36:6736:c41a:e1de	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	52.46.151.131 52.46.151.131	() ()
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:c::1737:6e45	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
425	107

39 136.144.183.196 (Haarlem, Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net

buhgalter.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net

analytics.factor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c01::f03c:91ff:fe79:43b (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

jsonip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.154.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-154-37.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.171.84 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.126.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-126-235.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.219.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-219-61.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.184.226 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.47.127.19 (United States) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 69.173.144.165 (Frankfurt am Main, Germany) 11 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.221.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.133.145 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cs.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.194.110.242 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:c::1737:6e47 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.55.233.29 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.195.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-195-35.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.110 (France) 3 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.126 (Amsterdam, Netherlands) 5 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.153 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-153.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.253 (Denmark)

ASN198622 ()
PTR: s1.adform.net

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.248 (Denmark)

ASN198622 ()

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:e61:3f01:9802:108e:78ba:29ea (None, )

ASN- ()

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.157.182 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Schopfheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.244.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.123.108 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-123-108.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.51.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-51-208.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.25 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-25.dus51.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.57.188 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.95.118.179 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.132.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-132-59.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.246 (Denmark) 5 redirects

ASN198622 ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.64.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-64-74.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.120.233 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-120-233.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.242.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.33.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-33-254.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (Amsterdam, Netherlands) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.214 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:1e36:6736:c41a:e1de (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.151.131 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:c::1737:6e45 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	doubleclick.net 16 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367	247 KB
44	yahoo.com 6 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1519 ups.analytics.yahoo.com — Cisco Umbrella Rank: 407 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1577 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715	7 KB
39	buhgalter.com.ua 1 redirects buhgalter.com.ua	647 KB
38	googlesyndication.com 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	224 KB
29	rubiconproject.com 12 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 681 pixel.rubiconproject.com — Cisco Umbrella Rank: 483 eus.rubiconproject.com — Cisco Umbrella Rank: 826 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1289 token.rubiconproject.com — Cisco Umbrella Rank: 1059 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2815	38 KB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	3 MB
26	pubmatic.com 7 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724 image6.pubmatic.com — Cisco Umbrella Rank: 922 ads.pubmatic.com — Cisco Umbrella Rank: 732 image2.pubmatic.com — Cisco Umbrella Rank: 1407 simage2.pubmatic.com — Cisco Umbrella Rank: 979 image4.pubmatic.com — Cisco Umbrella Rank: 1503	40 KB
17	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 743 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	13 KB
15	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3935 mwzeom.zeotap.com — Cisco Umbrella Rank: 3155	4 KB
14	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 313 acdn.adnxs.com — Cisco Umbrella Rank: 880 secure.adnxs.com — Cisco Umbrella Rank: 690	28 KB
12	amazon-adsystem.com 7 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1256 s.amazon-adsystem.com	9 KB
11	google.com www.google.com — Cisco Umbrella Rank: 17 region1.analytics.google.com — Cisco Umbrella Rank: 3868 adservice.google.com — Cisco Umbrella Rank: 134	2 KB
11	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7108 ghb.adtelligent.com — Cisco Umbrella Rank: 6584 sync.adtelligent.com — Cisco Umbrella Rank: 5175	147 KB
10	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1479 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2535 lm.serving-sys.com — Cisco Umbrella Rank: 2639	95 KB
10	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 7069 cs.seedtag.com — Cisco Umbrella Rank: 17017	17 KB
8	adform.net 5 redirects cm.adform.net — Cisco Umbrella Rank: 2023 dmp.adform.net — Cisco Umbrella Rank: 4861 c1.adform.net — Cisco Umbrella Rank: 1002	3 KB
8	bidswitch.net 6 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1351 x.bidswitch.net — Cisco Umbrella Rank: 415	4 KB
8	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2368 adservice.google.co.uk — Cisco Umbrella Rank: 3745	2 KB
7	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	2 KB
7	smartadserver.com 3 redirects csync.smartadserver.com — Cisco Umbrella Rank: 4514 sync.smartadserver.com — Cisco Umbrella Rank: 2438	20 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 866 gum.criteo.com — Cisco Umbrella Rank: 481 mug.criteo.com — Cisco Umbrella Rank: 1946 dis.criteo.com — Cisco Umbrella Rank: 941	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	64 KB
5	spotxchange.com 5 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 799	4 KB
5	openx.net us-u.openx.net — Cisco Umbrella Rank: 683 rtb.openx.net — Cisco Umbrella Rank: 2255	984 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	201 KB
5	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 23171 id.gravitec.net — Cisco Umbrella Rank: 118488	32 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 916	1 KB
4	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 285	4 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 712	1 KB
4	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 3081	978 B
4	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	584 B
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 989	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1510	179 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	169 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 12850 pixel.onaudience.com — Cisco Umbrella Rank: 4133	2 KB
3	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 818	2 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 774 usermatch.krxd.net	942 B
3	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1072 sync.crwdcntrl.net — Cisco Umbrella Rank: 1112	795 B
3	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 9250 loada.exelator.com — Cisco Umbrella Rank: 32109	2 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1347	2 KB
3	loopme.me csync.loopme.me — Cisco Umbrella Rank: 1264
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	189 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 784	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1486 s.tribalfusion.com — Cisco Umbrella Rank: 3468	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6929	562 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30053	683 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184	1 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 2046	751 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 825	645 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 903 cdn.indexww.com — Cisco Umbrella Rank: 2284	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	57 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2645	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 899	572 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1604	344 B
2	gstatic.com fonts.gstatic.com	32 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7654	2 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 872	554 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 146981	24 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 815	707 B
1	sascdn.com ced-ns.sascdn.com — Cisco Umbrella Rank: 3497	3 KB
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 24060	270 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 8843
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 4946	464 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4189	534 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1214	518 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 930	191 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4676	104 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 1432	610 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2319	283 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7375	282 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 15503	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8583
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1051	617 B
1	mathtag.com 1 redirects sync.mathtag.com	726 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 63590	215 B
1	bluekai.com tags.bluekai.com	145 B
1	widespace.com 1 redirects engine.widespace.com — Cisco Umbrella Rank: 95001	481 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 759	531 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 810	161 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 822	304 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 756
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1095
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1240	178 B
1	33across.com ssc-cms.33across.com
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 678	626 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2229	297 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5766	178 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10469	257 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 456772	170 B
1	jsonip.com jsonip.com — Cisco Umbrella Rank: 31981	450 B
1	factor.ua analytics.factor.ua	242 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 156	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	12 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
425	98

	Domain	Requested by
39	buhgalter.com.ua	1 redirects buhgalter.com.ua
36	c2shb.ssp.yahoo.com	player.adtelligent.com
35	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua spl.zeotap.com
27	s0.2mdn.net	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua s0.2mdn.net
21	pagead2.googlesyndication.com	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
14	mwzeom.zeotap.com	spl.zeotap.com
13	tpc.googlesyndication.com	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
11	ib.adnxs.com	5 redirects player.adtelligent.com googleads.g.doubleclick.net spl.zeotap.com acdn.adnxs.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
10	fastlane.rubiconproject.com	player.adtelligent.com
9	pixel.rubiconproject.com	7 redirects buhgalter.com.ua
9	s.seedtag.com	player.adtelligent.com cs.seedtag.com
8	simage2.pubmatic.com	ads.pubmatic.com
8	image6.pubmatic.com	7 redirects ads.pubmatic.com
8	www.google.com	buhgalter.com.ua 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
8	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua
7	aax-eu.amazon-adsystem.com	4 redirects spl.zeotap.com ads.pubmatic.com buhgalter.com.ua
7	match.adsrvr.org	cs.seedtag.com spl.zeotap.com ads.pubmatic.com ssum-sec.casalemedia.com buhgalter.com.ua
7	x.bidswitch.net	6 redirects ads.pubmatic.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	www.google.co.uk	buhgalter.com.ua
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com buhgalter.com.ua
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com buhgalter.com.ua
5	image2.pubmatic.com	ads.pubmatic.com
5	sync.search.spotxchange.com	5 redirects
5	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
5	connect.facebook.net	buhgalter.com.ua www.googletagmanager.com connect.facebook.net
4	token.rubiconproject.com	4 redirects
4	sync-tm.everesttech.net	4 redirects
4	dpm.demdex.net	3 redirects ssum-sec.casalemedia.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	ups.analytics.yahoo.com	4 redirects
4	sync.smartadserver.com	3 redirects cs.seedtag.com
4	sync.richaudience.com	1 redirects cs.seedtag.com spl.zeotap.com
4	eus.rubiconproject.com	player.adtelligent.com cs.seedtag.com eus.rubiconproject.com
4	odr.mookie1.com	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com buhgalter.com.ua spl.zeotap.com
4	cms.quantserve.com	1 redirects 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net buhgalter.com.ua
4	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.facebook.com	buhgalter.com.ua
4	use.fontawesome.com	buhgalter.com.ua use.fontawesome.com
4	www.googletagservices.com	buhgalter.com.ua 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
4	player.adtelligent.com	buhgalter.com.ua player.adtelligent.com
4	cdn.gravitec.net	buhgalter.com.ua cdn.gravitec.net
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	csync.smartadserver.com	cs.seedtag.com csync.smartadserver.com
3	ads.pubmatic.com	player.adtelligent.com cs.seedtag.com ads.pubmatic.com
3	rtb.openx.net	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
3	bs.serving-sys.com	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com secure-ds.serving-sys.com
3	rtb.mfadsrvr.com	3 redirects
3	csync.loopme.me	player.adtelligent.com ads.pubmatic.com
3	www.googletagmanager.com	buhgalter.com.ua www.googletagmanager.com
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	sync.1rx.io	2 redirects
2	sync.crwdcntrl.net	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	ad.360yield.com	2 redirects
2	secure.adnxs.com	2 redirects
2	mug.criteo.com	buhgalter.com.ua
2	gum.criteo.com	1 redirects
2	lm.serving-sys.com	secure-ds.serving-sys.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	pbjs.e-planning.net	1 redirects buhgalter.com.ua
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	ap.lijit.com	buhgalter.com.ua cs.seedtag.com
2	sync.adtelligent.com	player.adtelligent.com buhgalter.com.ua
2	s.zmctrack.net	buhgalter.com.ua
2	fonts.googleapis.com	buhgalter.com.ua s0.2mdn.net
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	px.ads.linkedin.com	buhgalter.com.ua
1	ced-ns.sascdn.com	csync.smartadserver.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	pixel-eu.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects ads.pubmatic.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	1 redirects
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	cm.adform.net	cs.seedtag.com
1	b1sync.zemanta.com	1 redirects
1	match.sharethrough.com	cs.seedtag.com
1	onetag-sys.com	cs.seedtag.com
1	visitor.omnitagjs.com	cs.seedtag.com
1	ssc-cms.33across.com	cs.seedtag.com
1	secure-assets.rubiconproject.com	1 redirects
1	js-sec.indexww.com	player.adtelligent.com
1	spl.zeotap.com	player.adtelligent.com
1	cs.seedtag.com	player.adtelligent.com
1	acdn.adnxs.com	player.adtelligent.com
1	id5-sync.com	player.adtelligent.com
1	ag.innovid.com	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
1	htlb.casalemedia.com	player.adtelligent.com
1	grid.bidswitch.net	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	hbopenbid.pubmatic.com	player.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	loadercdn.net	buhgalter.com.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	id.gravitec.net	cdn.gravitec.net
1	jsonip.com	buhgalter.com.ua
1	analytics.factor.ua	buhgalter.com.ua
1	www.googleadservices.com	buhgalter.com.ua
1	cdn.jsdelivr.net	buhgalter.com.ua
0	googlecm.hit.gemius.pl Failed	8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
0	cs.admanmedia.com Failed	player.adtelligent.com
425	146

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
www.youtube.com

Subject Issuer	Validity	Valid
buhgalter.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-10-31`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.factor.ua Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2022-12-28`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
jsonip.com R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
loadercdn.net R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-08` - `2023-08-09`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.iprom.net R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: 83E1B13708E694A80B8050BE29825866
Requests: 251 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: A66BC2FDF04364FF421A55A2847A5AE0
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 4959E6AFE9E5E7A90B32B1712031E77F
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: D75346D9E946132BCB4CA92BAE2F8A5B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=5d510084-e69a-49ef-999c-a48eb173c6bd
Frame ID: 80A9C6007DC62BE0BCBD70E4C17CAFEB
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: E4ACB59343054491D78E897F7BAD3658
Requests: 1 HTTP requests in this frame

Frame: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: EB880C9E18673DF8BECF15C3576D5380
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 098E94FE5857080DDB56F68A9B3E6A84
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F14F1538AAE82B8F38CDFCD2665D2CA6
Requests: 1 HTTP requests in this frame

Frame: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 7985BFB04A279C78C5C4C2D3D592BC63
Requests: 21 HTTP requests in this frame

Frame: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 0AF63C6A56F946789E74734D5E5EA4A7
Requests: 14 HTTP requests in this frame

Frame: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 6A603A2BBCAB82E8C54449F0D11A7F9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNXistUBMAE&v=APEucNVLBSArRNewNW_5wjpWVeEwWsUNGFVlkuNl73MjlJsdXw2yk1w4u-CB1xVfW92SwyLs8A-pROYK9oP5k8vVpwvt_iYJ3lss_qfrJr2hhjp3c1jfpAaQbw67fvp0cl6aAv1qoCGb7s_444GzA-4EA7hz8Wzk4nYfZt8aPdhXPo-QwVVp8Qc
Frame ID: 8CCFDEF4A5C8CEFB63D8CD6D2D8DCCAE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA
Frame ID: DE49C5D0ED1817E459E07C12B16F77D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzA2BAw8EQaf9K_WGaFvP_BaF7WwLHu8ssUq2XzboPkALpVxEOuyxdEcoYkyX3xxs0sAOkaIw5tiSDnCAPtHQQyaC9efHHn7N3uVCTuIh1BGPgmZAksMHtoDEp7dslwjHZSr-RXv2ipJp1hdzZmyHjRoy0fGeR9jpe8wiJhIr42g02xw&dbm_d=AKAmf-Cp3Apy_ROb75v5bmy6mvJGMEUFbzvKXPAZHf88UpKxtO6L6WD1HH9RI0YPQgskxFT_nZ24iy2EbSfUKowyefk_m3beVFB8P9GxyrNezyJi_5RVfLyTRJ6_uZpL_ncaMd1twfFINDi2l2-wrVo8q1uzxbeZUQzUk5mKI6X8trGb2hZJU5Itskkiav9o08TTC3fiMl6O7O4D7NcmK6bFydnsEp8-XzJN6mHl0S_2APJ6bggeLfUgQlOyCC6JipwLkc8HzaqjF_zQsp_CSWTpURTgLaYgeAhrvywzBEKe_V8NfKMfBBMluxre9Xl_WhHML8rNSlcR6W9hxp8ldi6-SGbIvtcV2XgUvqESI_5SoiDwjQT9p__M7VNS7B9yQwuEQRME1AoIigqHAwjwqE9DslMmSTYPyTftAjAEDElgZDrzLUY5yCp4-x69ywy1OKUjC_u_IBi3Pgeyhe6k8lrVC_c39HNTIQAziG9dX3JRbPO-URqnm60-UO6GTrYv6Grg47DmEYvRgJDa76vMnjUS_zzkInWuqxdyzlQbOiLG6GhLh25mVm20BEHw7dxFkOQxRXFfkEK3Ss9AsaPKJp4JMyWAklOdNrLNB4IFa5nURFa3a-vatOF2woaLTfNg-9N-V195cIIOxotuiuFDUltvwNKgJXRDjFYBCtDIEBZEYVh6ZdnnCrB51iy22SrH7M7eL8XHEwhu4wM8edq0iP92IkZ2sy8PlRqT6xNBs44PZyHHQ5t8Iehfl4ZVWPlEYjzA-ScWexWNnjD3RfJHKVeO20dl3yTOb6r3nm-21lKDhYlgxop9TJLN_anWE3Q8jdXueyvgwRuwNMDkfjCAGbpc8y1cf47EnC6YiearSrHGuGy6vF-Z4AYWpLTcnaIBqeWQ0P1AdtFjJqjykbLK1Ik8LtXWP3NChGutO8Wz0ctzys1Zjqxd05bPIT4T1bnzws22WQdCIVSwVXoLoeEC2nTWv3aBxO2cA3Wo_L5kuHukoP9yh20GTpBlZi5niYa5pkJHdk7HZefSr6ZhVbW7PZy8r-4Ss724W8ZteH1zpgkDwgYymb6bZkwGtzQGdrag2I0K7sdFTavwFeFcHY9EoB2r2GM3aaHXrS_x59oUjPMtwAmgsFqUNndKeEdfdExSnV8hEBXl-dFM7uhep1ZCKzkk29ZNpHmVSiiMmZgA8yZq6Br0SHBOs5C1-QBaW7NyQFm1M20KycbKRanvEQxElXFWFfrEHhpGSAxIDk0xkGLO7GHEN6T8bGjtCzi7aoib5coc5_DXiNjcuCoR0KQqNcgg9PAV78Sz6YXkQDYNw0P-A138aW8q6BdGhzqNXaELedS8Uf6qwXelaH898RtupFLQQCvuIzkadRhfZqxHsvqTpcsvRVrBOqrUXdSCJAUtZdaH0XD6TSeygZAuJRokg9msQ73FMxHlhGxjfaFAJIFObANMNbPxdfmqHt-7p7oyUZZzkdi-f_HvJSJ-HOP7MIDEQjvTzv11NKqjq_2Hu01fsbRCi0gPfmkYIZE8VYi91ro4xqzd_Qfs1OJVgDZbtP_fZbuzWoxF3gGzgtnrbmr8F-8gtqibtJjGwaEv8pg8ttxIAwRV93nlTxnhwIOHPKQuFepE2A9Q1P5LUkYfXL8NvjuR8jr7Kdw1CslwsgVjtZim1Dz3-p9lp6nY83f0TXPHVFJhUaTSyx6SNvQQTd9qh9i681ixdAZHLFh0JpvuiMT-adFrdCQqubTJQyTj1J3KlEE1cllr5EoDkvu6Nc839Onc9aQZMKgD8ZUvpDL9O-SDUqQxkUDEjoH_u_evZamOyMeF4ydUhZGNLErq50Ph6yfiNFyp3jXUWIlxgkYe458x1TpJcUzl-pzi2YEDdUGwkcL21K6DSBE9hD8MfVtHyqCUDnL8v3VSEq90fjKrtKU7s95QslDHTCL4plHabBWlvk76XtMoVLI1Pe-hRWyeqbbZN_zEZO4WCcOpuyiYuqz3eqjU0CRVxhT5Jr9WDxS64gz_etZYVS9CjsVxisjrEz9N87F9IdDMlVhjbrItkAYTjHnmjpHBn9uNxGNbvSPM64hgb9rCqH2-bJaQhlmbg3VNq2j0uESdgLuhi8lqGGQDD4ftyaBTT4EKSecYU7nV5uU8WJ_byoZZzrEfzeV14x_y9qm1Tj-O8GYjDhj0ZuZEFRPtPfFfBFaiwE6g1VGlYS8fKnGfppmgJz0u_1i4GC1lIJdcKClJjer-Xikitixvv_v1HjdVllESIC7SGKSxZl55RKNe1vyZAN9abqg0OZReRi7Eu5f7_b3SmlJSwKapuyaC25BTcbd2eac5ad4yTnkh2jTZgpaDJcAi80pcRbf30wCf6iIzio1L7jEGCdI1aRPK4a85bjyTi2rqDOVHa1oG9BZyE5xd3ySLZD0jOSEC1PEXSuTiKkrar17kN7buWbx0I6cycTdhU78cQM9jVz12P76AvVdM5OR-G_0YHErcVX6u3SUW0TYnsjTBpKT77UIGzwMyRifxCLtM3D_tk1z0yUeadrIIl_PLZLS3HLw_yeazBARUIF1j-N2m9V5Db9OWa3BQiYM1sxKXsdnEIcz5y2Ar17nWeQSt9sJLYgdv2Br5CKqLESq3ZSprCBObM9Z6h4WqanONie0ay10LODGd44OAFNMODdS4kyvNh3Fjjp_G6kTBqj8teP5Gc6MY4IHcb6j0qsJG452OUVYmNYtXxL5zmsKHxqRRo1iIJ5u4l2Xm0QDigqxNb1qRRbwPSSP98t7B3O0LNIFVcFj4Mpm705gAW_HuCtB9Sa5NoHGymI_JPJkvTChp6DPmwfcO9FMdoGC3DzJXgxXJEpUXo3POCDdw_vz34ofCfFwPV8AKOmGNoS5UUNobJnU8HDRSuURCaUmm1nF48n9pekoZ74HWylmH2DvbCO4R-XTBwoifQiwkuknBRi0OZCpTN7d4JHZ31Xni_CxTrsMFTLJYfNEJMl6eiMNlEMoY9yDRZ-iq0ErmJWXNghr-1XB0Ycm3cIa-Ego4gTS83yi1gxRu39STqTQZEm_KOlXbft0So9bpHw6IA3hialbo44wUvRyh_DIA5NqnpE1dkenDaMkpxSpkeNZPZiSMELstsZpq7nWBuvoEoeBQ_gA2voe9kfckzLk2F5rPR9pgnqtqwoTNMX9P3vXtjqk-Em3pClPTRH7mIQUfOLgmbXGRLkZT818BDqiF0XtWMPn7HhkexbY17bD23m0jk9HHpUo_tVhHPz2e_HHtNm6zxVnNFgshebBdPtQVbgEbZa3fyi3Zg0VcmBHjgCGn0H1oKrKnaNt7PggfkuL2YYe4DRMBTdpVMQYmq8T5u3F0p9-E-qOsk0SAiMWkwgt362ryBuYUZ6EBRvet1H11-9UdCQh4zvF8G-rKn58R9VACGxyHK8GbuG7CmbcHTKhyGqzwXR_WSooDTc6WR7MmxeFx6a4bi53lvND9Dt7_muvIW6B5nOAIjNbR21pecj8L8A&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Frame ID: E53D9A6EDD6D46DAB2721CB4D9B55CBF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNWXjBm9_WxRHx1U4DiIPuGvVXrp9qXoOsYJioDs931byq2jgOyfoUV-yTvgWsiKzHZtA721CVkpILujVnrabJUp5PEenmNLIeWS2Od-FRCZeeJ9MTAksEAOvbtSYff-JqNKquL3z3XCQEdnf2JbuKfqyxpZxI5-EwnJg6K0VUwKR-u4rKE
Frame ID: CF6B70DFC7A68B16381CEC7A8DC61A88
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29B0E3B5D736E21E4AC167AC0FB9E3DD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC5E01C2EC36B470EDE6A04E7229AAAC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A05F641871E85082556A770C9212ABEA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF8904553503FF352D41921B534AA4BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5407413A1B1FF0F5CBB64226754E0C1B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D204D16C44C4D12C894D8755E9B31B0F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
Frame ID: 0954123982743587E0AFF6D6635FA77B
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 3F4C49F5CD9CC35E160DC91C4A4359D6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B0ABA52EE48758FC443D6BB928285202
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 72086B887C9A2DF7760C86A586AD6175
Requests: 10 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Frame ID: 5ED73B80B4BF066D964BB996444B0231
Requests: 15 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 696D7BE144D247AA033360501F188351
Requests: 30 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 820423F6E27A18465B7C9A9B3131D342
Requests: 18 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: EDC87BD79CA7C2D6D10736DBA5E7A64B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7078A40B086C011E12FD41A73ADE163C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 9C8239E86742AABF7C6F3F62BD54DFB8
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 3F3C36DD073297018635FC100F43CE92
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: BAA0C4AEFAAFF21C899326A88C44233D
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1667610328020&pubconsent=&euconsent=&hasConsent=1
Frame ID: 671912B3F5C8177EA87DDB8CB6968B00
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: 0D2C6786E6542E80A12448EAE31F69E5
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: B683C68BF57DDF7DA3D31EABE77582E6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: 45DC6F402F86F5800430358D2A3CB3D4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 9C72F211DE1E9286E5CD7445A9859C79
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E119D98A3DA4F36CAD396011E7827BC1
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=
Frame ID: 198095C9730EDFE6C9F38289764B2080
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8237871583332428111
Frame ID: 77D77FF3E837EDF4A0DB8B502B2A2B6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74636365-b6d8-4e00-bcdc-6e3545f1516b&gdpr=0&gdpr_consent=
Frame ID: 8628AD6ACA4ADDA7DCC7508423B62D39
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 633AB6ABF2A7FB45C41074A4B7AC8D57
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CB7E6F5AC1ADDA21C3A92FDB7201F2F2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2135954514127792914&gdpr=0&gdpr_consent=
Frame ID: 95E47FF907104350BEABF0E220DD5A73
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe
Frame ID: 5A6F4BF94B6712270B2D7436E2DD3C38
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7162331821235632278&gdpr=0&gdpr_consent=
Frame ID: AF99DADDCA0E9C3626FFB35A646267DF
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 16B4F6C6C98B4F7A9035A1BADA89F905
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BsrVmMlIRkpttmzYZ3WCNdmKxG0
Frame ID: 90F9FA21933BD66778434DD5D29FD0AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2W22AAForVBHQA7&gdpr=0&gdpr_consent=&_test=Y2W22AAForVBHQA7
Frame ID: 20B7A171A96ABBBD3723B939ADF1C0E8
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 6A617D51089FBDB50E45ECF4C0234609
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0CD37976A368A590F48CA3749CCFE19D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 826EC333FC551695868C8183EB7F6EEA
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMgaTQahaVRnanhj
Frame ID: 743CE9D4E3DD3D532AC9A3487329B59C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 756586EE527D8A0D9329F903E53F3B3F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 16CE8BBF0866FFF1E9381762E6E23E81
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352167345
Frame ID: 8B8F5351B51A69F51500396BD73859F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

425
Requests

82 %
HTTPS

31 %
IPv6

98
Domains

146
Subdomains

107
IPs

14
Countries

5305 kB
Transfer

10086 kB
Size

127
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://i.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Factor Електронні версії бухгалтерських журналів

Search URL Search Domain Scan URL

URL: https://factor.academy/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: FactorAcademy Онлайн курси, вебінари для бухгалтера

Search URL Search Domain Scan URL

URL: https://buhgalter911.com/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Бухгалтер 911 Бухгалтерський облік, оподаткування, звітність

Search URL Search Domain Scan URL

URL: https://reklama.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: РЕКЛАМОДАВЦЯМ

Search URL Search Domain Scan URL

URL: https://bit.ly/2Xc9ih4
Title: Відео

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=top-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/complect/premium/?utm_source=buhgalter.com.ua&utm_medium=left-button&utm_campaign=pro-2022
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/2TJ43qe
Title: Архів чату

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=footer-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/complect/premium/
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/3eOTfff

Search URL Search Domain Scan URL

URL: https://bit.ly/2XonSCj

Search URL Search Domain Scan URL

URL: https://bit.ly/2XoPSWH

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmwRxt86epRSvAdM_Crlp3Q

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=5d510084-e69a-49ef-999c-a48eb173c6bd

Request Chain 96

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f2c8fd01-a680-437e-8b72-6c25a020981c

Request Chain 125

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

Request Chain 278

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

Request Chain 280

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NTQzNTIyMDk5MjU2MTgwNw%3D%3D

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

Request Chain 282

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

Request Chain 284

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzNTk1NDUxNDEyNzc5MjkxNA%3D%3D

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE-E4kTTfFd0u_MmxLxoVs&google_cver=1

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ4jvGqgsVCKOQcsPm9AzkM&google_cver=1

Request Chain 312

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_SjZFi3T6ZcTgk9zybcK493QqXUzld0gqW6nXxAJjgiQ0p8ePBfeKRJtpJO7Xwvz09Dys6rMPthKm5yb-xZeQAyMUurtw&google_gid=CAESEHeWpWzBbA9qZz0jPnD6pjM&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNbtlpsGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGdfU2paRmkzVDZaY1Rnazl6eWJjSzQ5M1FxWFV6bGQwZ3FXNm5YeEFKamdpUTBwOGVQQmZlS1JKdHBKTzdYd3Z6MDlEeXM2ck1QdGhLbTV5Yi14WmVRQXlNVXVydHc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXdYdGo3OFBiNkZpQjF4a0Z1V2VGQkp3OVg3OE9zemlHelM0V1psYThBWQ==&google_push

Request Chain 315

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=AZmPxg97F5aLaKqqDUpqXd3OyPFLhWaD-BJcWCMs0wFXyBIcOQBtp6Qi0-vJJufJc6jQovgFjtzbXEP-EwNQ5KlL0rWTYI7Grk4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=AZmPxg97F5aLaKqqDUpqXd3OyPFLhWaD-BJcWCMs0wFXyBIcOQBtp6Qi0-vJJufJc6jQovgFjtzbXEP-EwNQ5KlL0rWTYI7Grk4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg97F5aLaKqqDUpqXd3OyPFLhWaD-BJcWCMs0wFXyBIcOQBtp6Qi0-vJJufJc6jQovgFjtzbXEP-EwNQ5KlL0rWTYI7Grk4

Request Chain 316

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaqbbOmYMPPjYh_Vg1t-YluVbeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaqbbOmYMPPjYh_Vg1t-YluVbeQ

Request Chain 317

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&google_push=AZmPxg9dIBeZRchAZtFx4d8gcSsJGTYXc9FVOMsC6E3H3zySg_FJCSa4ExpkGKYZxt2S_JTAsU3XsL4SPHU-IPu3LBfPOeCqsaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg9dIBeZRchAZtFx4d8gcSsJGTYXc9FVOMsC6E3H3zySg_FJCSa4ExpkGKYZxt2S_JTAsU3XsL4SPHU-IPu3LBfPOeCqsaQ

Request Chain 323

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-NmctRiX79osNwpO27ekqlewH0foeTkTSP&google_gid=CAESEBv_keiefFhYjZ9-qjCncqQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-NmctRiX79osNwpO27ekqlewH0foeTkTSP&google_gid=CAESEBv_keiefFhYjZ9-qjCncqQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDUwMTA1MjYwMDAxMDM4NzIwMzcwOQ%3D%3D&google_push=ASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-NmctRiX79osNwpO27ekqlewH0foeTkTSP

Request Chain 325

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=ASkJ3FZmodQc5KmqYLE1WUDyClSxWNTDUAeaP27LWSUQzy18acVwog7fTQXTtDsptLFYxed6cOUPIPs7K2yoYarM2FFDMOhh2CjS HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=ASkJ3FZmodQc5KmqYLE1WUDyClSxWNTDUAeaP27LWSUQzy18acVwog7fTQXTtDsptLFYxed6cOUPIPs7K2yoYarM2FFDMOhh2CjS&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pf1xJWORwSax9POaTeWsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmodQc5KmqYLE1WUDyClSxWNTDUAeaP27LWSUQzy18acVwog7fTQXTtDsptLFYxed6cOUPIPs7K2yoYarM2FFDMOhh2CjS

Request Chain 326

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6oB9VfKJvxo8i4kjzS0dV4AnU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6oB9VfKJvxo8i4kjzS0dV4AnU

Request Chain 327

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&google_push=ASkJ3FY9vJZy_iq4ObGrne6YF3gFUhagjNRzsGenOWgd_Hgk31bN4b6kGONkAmr9yO60YaWjyxnbgXEd0PTGxf-Wr55v8BL7Hil1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=ASkJ3FY9vJZy_iq4ObGrne6YF3gFUhagjNRzsGenOWgd_Hgk31bN4b6kGONkAmr9yO60YaWjyxnbgXEd0PTGxf-Wr55v8BL7Hil1

Request Chain 335

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=AZmPxg_WMKP_RCOIx3p7lJG3lonQ3A3n2JEi-Uwa8m8pnk3Ql5s8HoaBb18hEoHQ0eF9mduaoHmreCDjZO4qKplfuZC3OCz_eH95_Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdqR8ppEicNSvtHBa3E4UQ&google_cver=1&google_push=AZmPxg_WMKP_RCOIx3p7lJG3lonQ3A3n2JEi-Uwa8m8pnk3Ql5s8HoaBb18hEoHQ0eF9mduaoHmreCDjZO4qKplfuZC3OCz_eH95_Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=heINhzTvThe4tHolhZymcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_WMKP_RCOIx3p7lJG3lonQ3A3n2JEi-Uwa8m8pnk3Ql5s8HoaBb18hEoHQ0eF9mduaoHmreCDjZO4qKplfuZC3OCz_eH95_Q

Request Chain 336

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrLqAfj0ibjjE7uXdRAeH0AXveOvCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrLqAfj0ibjjE7uXdRAeH0AXveOvCA

Request Chain 337

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&google_push=AZmPxg90LwaPRMuACG0xtHnemTT6xbbOS9msKY9_P_5OdcXYNDbdKClikHYzKHBTcuJa9bG1S0MsGtuNOHqC6FWd9zsP3hrvcMdvHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg90LwaPRMuACG0xtHnemTT6xbbOS9msKY9_P_5OdcXYNDbdKClikHYzKHBTcuJa9bG1S0MsGtuNOHqC6FWd9zsP3hrvcMdvHA

Request Chain 388

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-RURzXx4dXpPZk5nd3FHQTk3S0ZjVFNDQk5USVlmWmlzV0RabGJqdERmNFNjVkRrTGtSWmFkUnhpM0NIMno5RzNHV3VQc1RCS0RpbVlSOGk4eSs0MmRaa2U1UlVKUE5yK3l1RmdlZGYxUy8wT0w1NnNzRjlPTTNwcTVoanZkT2gwZkhjaWFjRWdmWDVnU3Z4c2J4SDZRQXB2MlVNOG9iZDBJdTJOajBOcnRsaUFtSVFEckJkV2FoQWo2K0pvQTJ1d3ZKTmlIVGFTRTMrTVVwMVArNzJZUktXcmVyeDdJdmp2RWsxa1FHTlFuZm5BS0FCMFp5NktlVUowS04xOVZIWFc2NGNqfA&cppv=2

Request Chain 397

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce36b093-9818-46cb-ae99-d45b061cb347&ssp=themediagrid&gdpr=0&gdpr_consent=

Request Chain 398

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu

Request Chain 407

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2135954514127792914

Request Chain 408

https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1

Request Chain 409

https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0

Request Chain 411

https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_user_id=638970d8-9c3c-48f2-84e0-83dc47d9e575 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5d510084-e69a-49ef-999c-a48eb173c6bd&ssp=seedtag HTTP 302
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=638970d8-9c3c-48f2-84e0-83dc47d9e575

Request Chain 412

https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=efdc0d88-5ca5-11ed-825b-197e22df0406 HTTP 302
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=efdc0d40-5ca5-11ed-825b-197e22df0406

Request Chain 413

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F

Request Chain 414

https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=efdc00dc-5ca5-11ed-9e7e-1be234f70206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEGdt_bkuF2SnHeeop5epinY&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 415

https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=10f00cbc-b28c-466d-97aa-6be54fe6a774

Request Chain 416

https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190

Request Chain 417

https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58427/occ?verify=true HTTP 302
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-MHaGI31E2uFwee.M1rDGKBzOvnkl.IXBOFHv.ys-~A

Request Chain 422

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=eb53dd69-74b9-4389-8e8f-93fb26d98b01&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 427

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 428

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9b933f2c-8277-4522-b47c-e464252e6b4f&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 429

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=83846149001161129374434079806974675373&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 431

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7162331821236287638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 432

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5

Request Chain 433

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7dd941a7-2158-462c-65c5-4439b4e13dd5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7dd941a7-2158-462c-65c5-4439b4e13dd5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361&bounce=1&random=1431879368 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=BwlZKdoMSr1q35ewoPVBnu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 434

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 436

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-N5ugquhE2oq.cCh_8u0IU11_9ejyUFuZ3A--~A&zpartnerid=570&env=mWeb

Request Chain 437

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZR6S5X8XFTjOFO36oIE8fUC8IKvs9qmz%2BS41iYitP1U%3D

Request Chain 441

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361&_test=Y2W22AAAARhCSgA7 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2W22AAAARhCSgA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&_test=Y2W22AAAARhCSgA7

Request Chain 442

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.10c5fc91-6523-40a2-bc69-6b0e1171718e&zdid=1361

Request Chain 443

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 444

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&dcc=t

Request Chain 446

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 447

https://pixel.rubiconproject.com/token?pid=41544&puid=7dd941a7-2158-462c-65c5-4439b4e13dd5&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LA384PLQ-U-6E0I&env=mWeb&zpartnerid=1770&gdpr=0

Request Chain 448

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Request Chain 454

https://c1.adform.net/serving/cookie/match?party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=

Request Chain 455

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8237871583332428111

Request Chain 456

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74636365-b6d8-4e00-bcdc-6e3545f1516b&gdpr=0&gdpr_consent=

Request Chain 458

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 459

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2135954514127792914&gdpr=0&gdpr_consent=

Request Chain 460

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe

Request Chain 461

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7162331821235632278&gdpr=0&gdpr_consent=

Request Chain 462

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFNUTFVN0d5MjRBQUNFM2JtR1Vtdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 463

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BsrVmMlIRkpttmzYZ3WCNdmKxG0

Request Chain 464

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2W22AAForVBHQA7 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2W22AAForVBHQA7&gdpr=0&gdpr_consent=&_test=Y2W22AAForVBHQA7

Request Chain 466

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 468

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMgaTQahaVRnanhj

Request Chain 471

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667610328262 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352167345

Request Chain 472

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 474

https://pixel.onaudience.com/?partner=214&mapped=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=889dbef8f24d160fd1d7162840f7bc6c&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 475

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTY5RUUwRDMtNzhFNy00ODJDLTg3NDYtNjM2RTRBODBERTQ3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 476

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEExBjZMe7_0NfeAnux1HHJ4&google_cver=1

Request Chain 478

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3956611679389570165

Request Chain 482

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b.dH1oJE2uUQBlYA0j0s4ChV6.Xd0iU-~A&gdpr=0&gdpr_consent=

Request Chain 485

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3136322242902205166&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 486

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2ff9fe69-3cd9-49c6-a9df-a55279a42180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 487

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2135954514127792914

Request Chain 489

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&dcc=t

Request Chain 490

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1

Request Chain 492

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5667284144946096023&expiration=1668819928

Request Chain 493

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190

Request Chain 495

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53a81637-4b82-4224-8281-8b545f1936b2

Request Chain 501

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fdAeRLnPTuOkIDz0jdtAyw&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fdAeRLnPTuOkIDz0jdtAyw&gdpr=0

Request Chain 502

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA384PLQ-U-6E0I&gdpr=0

Request Chain 503

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/TRJIX7Ii2W4smMqPYGFzOg?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6769945840981893239

Request Chain 504

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QMUqyQbsTe6Z3DLFCPbL_g&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QMUqyQbsTe6Z3DLFCPbL_g&gdpr=0

Request Chain 505

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&gdpr=0

Request Chain 507

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECBgs19rEGeq3BxYeMo7x7Q&google_cver=1

Request Chain 508

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=OGQwYjFiNjg2NmM3ZWI3YTRlYTkxMWNjM2Y1OTJlOGU4MWQzY2QwZg&google_cm&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=&gdpr=0

425 HTTP transactions
87 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
buhgalter.com.ua/
Redirect Chain

http://buhgalter.com.ua/
https://buhgalter.com.ua/

104 KB
29 KB

200ms
124ms

Document
text/html

136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://buhgalter.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

136-144-183-196.colo.transip.net

Software

nginx /

Resource Hash

7525c9a65786a8363d1fdbec81ae589180465e75db385445e7e0603ec54aa0c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:23 GMT
expires: Sat, 05 Nov 2022 02:05:23 GMT
last-modified: Thu, 28 May 2020 12:12:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 05 Nov 2022 01:05:22 GMT
Keep-Alive: timeout=5, max=100
Location: https://buhgalter.com.ua/
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubdomains;
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 94 KB
33 KB 65ms
65ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Fri, 25 Jan 2019 12:46:20 GMT
server: nginx
etag: W/"5c4b051c-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 64 KB
18 KB 186ms
84ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 20:13:10 GMT
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
server: nginx
etag: W/"636028ae-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 main.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
8 KB 82ms
77ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/main.js?1665486999
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:16:39 GMT
server: nginx
etag: W/"63455097-7b37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 advert.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 83ms
78ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2016 08:07:56 GMT
server: nginx
etag: W/"5857955c-947"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
798 B 66ms
66ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 11:14:45 GMT
server: nginx
etag: W/"620cdca5-90d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 176ms
73ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0d05cdd713850472fd456ab68a7b974b5681aab4165d5da7e832955da0e9b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43615
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 config_accounts.js Show response
buhgalter.com.ua/assets/templates/base/js/ 676 B
885 B 83ms
79ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Thu, 11 Nov 2021 09:07:41 GMT
server: nginx
etag: "618cdd5d-2a4"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 676
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 all-sites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
7 KB 84ms
80ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=20072022
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 07:26:46 GMT
server: nginx
etag: W/"62d7ae36-7c31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 14 KB
3 KB 46ms
45ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 15:42:50 GMT
server: nginx
etag: W/"635803fa-39e0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 sockjs.min.js Show response
cdn.jsdelivr.net/sockjs/0.3.4/ 33 KB
12 KB 110ms
40ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19755780
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-lcy19221-LCY
server: cloudflare
etag: W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br2i62RtkqdUkAbxzTZY4o%2FOjySrn%2BXVs1hxEjXYEaSaIkE2jm199eErE%2FRlt4LpzWwn5HSubJw55Xj4UQK5Uf5CQcnPaMIdhwvnrdLy6Bmib5Ox4vhQJ0y%2BUHLaAgp8lbh5fPdgCK0l%2F4PkzNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7651ae48eee376e4-LHR

GET
H2 200 subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
817 B 46ms
46ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?1665485092
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 10:44:52 GMT
server: nginx
etag: W/"63454924-72c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 bcom_logo_footer.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 84ms
81ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/bcom_logo_footer.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Tue, 25 Oct 2022 07:24:51 GMT
server: nginx
etag: "63578f43-25e7"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9703
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 payment_types.svg
buhgalter.com.ua/assets/templates/base/images/ 3 KB
3 KB 85ms
81ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/payment_types.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:26 GMT
server: nginx
etag: W/"63578fa2-c9b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 footer_logo_forum.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
4 KB 85ms
82ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_logo_forum.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:44 GMT
server: nginx
etag: W/"63578fb4-1554"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 js.cookie.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 43ms
38ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js?1651056762
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 10:52:42 GMT
server: nginx
etag: W/"6269207a-690"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 165ms
54ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16836
x-xss-protection: 0
server: cafe
etag: 14253518212129236209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 chat2.js Show response
buhgalter.com.ua/assets/templates/base/chat/js/ 14 KB
5 KB 85ms
82ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Fri, 06 Dec 2019 12:43:42 GMT
server: nginx
etag: W/"5dea4cfe-375c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 favorites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 5 KB
1 KB 45ms
39ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:16:23 GMT
server: nginx
etag: W/"5c5bf767-140a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 ads_remove_popup.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 46ms
40ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:14:29 GMT
server: nginx
etag: W/"5c7e2fe5-c04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 analytics.js Show response
buhgalter.com.ua/assets/templates/base/js/ 9 KB
2 KB 46ms
40ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 13:17:17 GMT
server: nginx
etag: W/"60f186dd-22ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 content_breaker.js Show response
buhgalter.com.ua/assets/templates/base/js/ 785 B
994 B 47ms
41ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Thu, 02 Dec 2021 17:20:38 GMT
server: nginx
etag: "61a90066-311"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 785
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 check_access.js Show response
buhgalter.com.ua/assets/templates/base/js/ 302 B
511 B 47ms
42ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Thu, 02 Dec 2021 17:16:14 GMT
server: nginx
etag: "61a8ff5e-12e"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 302
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 48ms
43ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 11:00:26 GMT
server: nginx
etag: W/"630c9c4a-12ce"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 accounts_manager.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
740 B 49ms
44ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 07:56:35 GMT
server: nginx
etag: W/"600e79b3-609"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 ads_turn_off.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 49ms
44ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1661763183
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 08:53:03 GMT
server: nginx
etag: W/"630c7e6f-b0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 lw.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
834 B 50ms
45ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 15:15:02 GMT
server: nginx
etag: W/"61def076-73c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 wrapper_hb_299506_4371.js Show response
player.adtelligent.com/prebid/ 2 KB
1 KB 165ms
40ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19301
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 01:05:23 GMT
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:06:13 GMT
server: nginx
etag: W/"635fba35-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
72 KB 163ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dad7fcdff59738b281018aeabbaab227d9eb602acdbef9c6ffc25a512341f61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73144
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 144ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:57:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 4 KB
4 KB 68ms
67ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Thu, 17 Jun 2021 10:19:17 GMT
server: nginx
etag: "60cb21a5-f41"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 3905
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 133ms
52ms Fetch
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
x-correlation-id: 3ddc3a5ddc4f6230fa1021f59ee129b1
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 39ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Tue, 15 Jun 2021 12:47:48 GMT
server: nginx
etag: "60c8a174-25c4"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9668
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 125ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f146d2ce47755c02e9da1d068674194cda04199554231cba412849cd943fc72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 01:05:23 GMT
content-md5: BeOTcLsflUlb3KedL8CkTg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2167
x-fb-rlafr: 0
x-fb-debug: ay3WCwaBtGZTGjIOLlhm5FeV83KGUSWa3ptf5/nbfU8OC4/m5n+wYixn39N4S4p8TApgF5ISTWgpEsqYoNkA6g==
x-fb-trip-id: 686109401
x-fb-content-md5: 8254e52937ae2fca7bb147a4fe52dcf3
cross-origin-opener-policy: same-origin-allow-popups
etag: "cc3a76bc6978090480495ba1f051cad3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sat, 05 Nov 2022 01:12:16 GMT

POST
H/1.1 200
OK add Show response
analytics.factor.ua/analytics/ 0
242 B 311ms
212ms XHR
text/html 95.170.82.90
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.factor.ua/analytics/add
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 95-170-82-90.colo.transip.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Sat, 05 Nov 2022 01:05:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 z Show response
s.zmctrack.net/ Frame A66B 50 KB
23 KB 319ms
133ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 1965ab898ac65a6f70b092acbbbe9a86e01feaf039a32d82b97e96d3e2e98941

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23447
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hbw_master_299506_4371.js Show response
player.adtelligent.com/prebidlink/19301/ 153 KB
33 KB 59ms
57ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 08062237a2f036354dc3634789c4f19fb2a043eb270e11ef1cb973bfad05cae9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 01:05:23 GMT
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:06:13 GMT
server: nginx
etag: W/"635fba35-26382"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hb_299506_4371.js Show response
player.adtelligent.com/prebidlink/19301/ 350 KB
108 KB 109ms
108ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de059c14703eb5c8982ab9b19ee3af6e8c8206d776c065965cdbb465b2c6d84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 01:05:23 GMT
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 14:20:20 GMT
server: nginx
etag: W/"634eb624-57672"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 159ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b856b041a9d49584925e619dd339d53a96e49e2e998059ee57d934a583d1421c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27462
x-xss-protection: 0
server: sffe
etag: "1384 / 103 of 1000 / last-modified: 1667599622"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 2 KB
2 KB 160ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1667610323549&cv=9&fst=1667610323549&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601ef7449dc95e639cc066e45cfc66233a9bd38bf4e24decac0d3375c7e29a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 973
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
jsonip.com/ 149 B
450 B 767ms
169ms Script
application/json 2600:3c01::f03c:91ff:fe79:43b
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonip.com/?callback=jQuery111108266285357631149_1667610323257&_=1667610323258

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx/1.20.2 /

Resource Hash

1585a63de06e86f3628396b28041a5cfc5b364764172ad98d48edc6c75649e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:24 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 acceptcookies.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
744 B 36ms
35ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/acceptcookies.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:17 GMT
server: nginx
etag: W/"636283e5-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 acceptcookies.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 36ms
35ms XHR
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/acceptcookies.js?_=1667610323259
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://buhgalter.com.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:31 GMT
server: nginx
etag: W/"636283f3-ba8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 849 KB
458 KB 38ms
37ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 10:45:44 GMT
server: nginx
etag: W/"60e585d8-d4267"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 favourites.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 75ms
74ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1665487532
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:25:32 GMT
server: nginx
etag: W/"634552ac-15ec"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 3 KB
973 B 76ms
74ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:49:34 GMT
server: nginx
etag: W/"5c7e381e-a18"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 199ms
136ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: G5J6F7J0SF9Q297Y
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dnDRyRFjCSPTtiOGRdOVEjWl9fRKseHaQOr6KyXioC0bLuLLjieNj0KKcAaszrxfJZVHgJ8HObk=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4AHTn%2Ft%2BN0H9VQDKpescEtmD2h4cIzXBcRneywDycfDhd0LK6ZlxXAdbqKpJAwnP4PnU5xyzEMZ60OPyYVTYxpo0KA9rgoOSoH08pTfAU85LBcdCrO9OZfhu4MZSP3aon%2BihQ%2Fmdir367LsEllYQhmq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7651ae4b0d53778b-LHR

GET
H2 200 media.css
buhgalter.com.ua/assets/templates/base/css/ 121 KB
42 KB 76ms
75ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 09:07:04 GMT
server: nginx
etag: W/"6360e1b8-1e459"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
784 B 77ms
75ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 12:00:31 GMT
server: nginx
etag: W/"5d1b475f-656"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 12 KB
6 KB 76ms
75ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?1629355568
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 06:46:08 GMT
server: nginx
etag: W/"611dfe30-2fc1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 152ms
44ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6569
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 05 Nov 2022 01:15:54 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame 4959 621 B
713 B 168ms
41ms Document
text/html 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 01:05:23 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AdRmOLHksAL/W3ZGAA
x-77-nzt-ray: fffffffff40f45b3d3b665637a35212e
x-77-pop: frankfurtDE
x-accel-expires: @1978352504
x-age: 4617819
x-cache: HIT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 2 KB
1 KB 76ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1667610323636&cv=11&fst=1667610323636&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1317cc113f88a2351f0ad0abd0cbf9452a1932ac68533a08c4854473c783d031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 915
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 155ms
68ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc58e1bb42c5dccfdd5de12d5559b7c28f31eeaefe615714d9cf964437504106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 73ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f4bdaba2cc68f8c489f5ac20ab4e40ee82a2aca3c3fffe89c213f0ff849688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 01:05:23 GMT
content-md5: qiMP90OsGg1PfbuoyuR64g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: vOlm+oF3CPmviKKSvB3zqbuLiNPQ99sOmPH7k3K0OfDk/DtrvH1EQDcVKlhHVnL1BI0Ee//rAKW6q5C4C99tuQ==
x-fb-trip-id: 686109401
x-fb-content-md5: cb41caaac9d786fa8f26a698c2d5ad0f
cross-origin-opener-policy: same-origin-allow-popups
etag: "078bc06698c63fa118aaac82a6e64b91"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sat, 05 Nov 2022 01:10:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 43ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 01:05:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YQVuNbks/MbljZHvi98k1BX/x6lhde2L0DnVf4qLtLBCdFZUwgw3N0EK1CUsR6meSR4jQwv3ogkQKP15Szrp5g==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 60ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

725c2afbd8a90a3dd2ef89f647d3fa090bfee275f98e0e3502a7779f42a5e16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76505
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 144ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667610323668

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 05 Nov 2022 01:05:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
423 B 129ms
34ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c6edfb7c948f22551441519f9f274eebea903edeca3b4ac53356eefb34df2fcf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:23 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
433 B 129ms
35ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=384oux.j7&features=147488&vpbv=N094&tte=137&lifecycle_tte=791
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:23 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 424 B
624 B 48ms
41ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Thu, 28 May 2020 12:05:04 GMT
server: nginx
etag: "5ecfa8f0-1a8"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 424
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 fit_logo_site.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
2 KB 48ms
42ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/fit_logo_site.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 10:17:26 GMT
server: nginx
etag: W/"62dfbf36-12ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6e139420501c07877ec62682f783b60662ae4dc43f08c03fb16d7c45871981e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 631 B
831 B 39ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-277"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 631
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H2 200 smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 816 B
1016 B 38ms
37ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-330"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 816
expires: Sat, 19 Nov 2022 01:05:23 GMT

GET
H3 200 1495025544106981 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1495025544106981?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7dd25d04429575c13f1c5b0e13e65fa7bb8d8e2035fbe3194c5eecc7bfbb7f29

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 05 Nov 2022 01:05:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86003
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OQV4Bg9pSDU5iFL4S16giQHEFKWoeRbJejTo4Xm0ipSnbcyiuevf+ogAEbKwUXExxvyI0j6pV+phpSK01X+QcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2022110201.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 150ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131066
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 08:35:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 18:56:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 287 B
763 B 158ms
48ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Sat, 05 Nov 2022 01:05:23 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975200280/ 42 B
108 B 161ms
54ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200280/?random=1667610323549&cv=9&fst=1667610000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1884787725&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/975200280/ 42 B
154 B 159ms
52ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/975200280/?random=1667610323549&cv=9&fst=1667610000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1884787725&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/977649145/ 42 B
548 B 160ms
53ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977649145/?random=1667610323636&cv=11&fst=1667610000000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=3698818442&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/977649145/ 42 B
108 B 159ms
53ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/977649145/?random=1667610323636&cv=11&fst=1667610000000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=3698818442&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 301 KB
85 KB 85ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=3f5d143fa77f343ab322de59ff61053d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed32338f4a079121b1a1f1522c5b14d2375f417189dbd4ab6152bdfae84ebe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 01:05:23 GMT
content-md5: zAKriSRKmf+pQ812ggigrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87085
x-fb-rlafr: 0
x-fb-debug: Xm6KXk436FThiwM8sdfdCJ1hP9irpn5tfHrLqoypY5TWxHW2AqRxUzF9k2nX62eN8A/2sy6ggI5Y3ezpba8iRw==
x-fb-content-md5: 6a003c45ec2c17d6721bb04b2035a9af
cross-origin-opener-policy: same-origin-allow-popups
etag: "c3f70d8e00e74d4782f220060272eecc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Nov 2023 00:50:22 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 72ms
39ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W6M94DKWBT19ZV89
age: 587109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74288
x-amz-id-2: pdIyg2azQBDqml/TWy3hzYCi/CATB80PUnAWOx4UVAZmGWtFy2kSZK41cp/r/JhLIUXvOBaUfao=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoGx0TDd6AMTC%2B4f43ZzMq7D5EknWY9pa7CVGfVGHyN5Jlnkf6fRYN2Xf4K3oO%2BMPjSev%2Ba7fPdTX94O5UtQi%2BJtIvpJh4i3eJ77jDIvu9q7YmSXMVKt7qG7nR3tj278gHkibdXKKouuZEB3ocyvIvPj"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7651ae4c8b507529-LHR

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 15 KB
15 KB 162ms
130ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PQ4FY6J94GABKEY1
age: 389917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14872
x-amz-id-2: mIADNGAK5PaYGxTZzGi1GmRYX4fr1WeifZA2ES5npZVhpIKTHUyrL0RnqgMplCKubwzhjLFVYu4=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "4b218302f9057d02864d4909661831e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxYe1yx0pQnd03z7auQlO0hDuMhNCSmshuf0jCBMr0sYgft6HTzMjiIX1uZrSC8xhlWnPO1Xskjn0%2FxsKzVWrHCS18AvQ%2F0VK%2FqdpvH3kYzan1MroZ6BBNmJSvORrsPu3LKDLcHENfi4TlNlWPYR98cO"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7651ae4c8b517529-LHR

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 117ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oeb20&_p=340127624&_gaz=1&cid=1331834235.1667610324&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667610323&sct=1&seg=0&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 115ms
38ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=1331834235.1667610324&gtm=2oeb20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 54ms
51ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=1331834235.1667610324&gtm=2oeb20&aip=1&z=1940386897

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 739 B
700 B 29ms
28ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=443991
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d57d9b0ec43302abd831b7baa5dd82223b11d3691aa9d123e3c63a784a45d15d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:23 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 389

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 135ms
48ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=340127624&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABRAAAACAAI~&jid=215565248&gjid=779019900&cid=1331834235.1667610324&tid=UA-35985798-1&_gid=387927550.1667610324&_r=1&gtm=2oub20&z=679119474

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 125ms
44ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=340127624&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4CDACUABRAAAACAAI~&jid=&gjid=&cid=1331834235.1667610324&tid=UA-35985798-1&_gid=387927550.1667610324&cd2=%D0%BD%D0%B5%D1%82&gtm=2oub20&cd1=%D0%BD%D0%B5%D1%82&z=1271728089

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 13:53:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40318
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
47ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=340127624&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=1569359455&gjid=160640913&cid=1331834235.1667610324&tid=UA-53572572-5&_gid=387927550.1667610324&_r=1&gtm=2wgb20WVLD3W&z=1628153479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
47ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=340127624&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=43879593&gjid=1109172191&cid=1331834235.1667610324&tid=UA-35985798-1&_gid=387927550.1667610324&_r=1&gtm=2wgb20WVLD3W&z=1828623490

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 258ms
70ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=273a035426d9d24f&d=buhgalter.com.ua
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Nov 2022 01:05:24 GMT
server: openresty

GET
H2 204 /
csync.loopme.me/ Frame D753 0
0 230ms
41ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: _

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 80A9
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=5d510084-e69a-49ef-999c-a48eb173c6bd

0
404 B

396ms
185ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=5d510084-e69a-49ef-999c-a48eb173c6bd
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Sat, 05 Nov 2022 01:05:24 GMT
Etag: bbd25b1aca4753d7
Server: Adtelligent

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 05 Nov 2022 01:05:24 GMT
Location: //sync.adtelligent.com/csync?t=a&ep=736011&extuid=5d510084-e69a-49ef-999c-a48eb173c6bd

GET 981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame E4AC 0
0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f2c8fd01-a680-437e-8b72-6c25a020981c

0
404 B

481ms
185ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f2c8fd01-a680-437e-8b72-6c25a020981c
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: Adtelligent
Etag: bbd25b1aca4753d7
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f2c8fd01-a680-437e-8b72-6c25a020981c
date: Sat, 05 Nov 2022 01:05:24 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 562ms
180ms Image
text/plain 209.191.163.210
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 01:05:24 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 84ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667610324165&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1667610324163.1767253448&it=1667610323812&coo=false&rqm=GET

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 05 Nov 2022 01:05:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 43ms
42ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 51ms
50ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 109ms
36ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53572572-5&cid=1331834235.1667610324&jid=1569359455&gjid=160640913&_gid=387927550.1667610324&_u=6CDACUABRAAAACAAI~&z=2046205275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 111ms
39ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=43879593&gjid=1109172191&_gid=387927550.1667610324&_u=6CDACUABRAAAACAAI~&z=1255462420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 111ms
40ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=215565248&gjid=779019900&_gid=387927550.1667610324&_u=4CDACUAARAAAACAAI~&z=37281601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299481/ 2 KB
1 KB 126ms
40ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 83d5505ada1e5854e102770c16f194cfd07b91f4e0b537d56c6102d177c5bb70

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Mon, 07 Nov 2022 01:05:24 GMT
date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 12:01:28 GMT
server: nginx
etag: W/"6363ad98-8b8"
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667610324263&sw=1600&sh=1200&at=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 05 Nov 2022 01:05:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 192ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 690 B
384 B 166ms
77ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3498353571134611&correlator=3783468643345727&eid=31070711&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&sfv=1-0-39&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667610324296&lmt=1590667965&dlt=1667610323175&idt=1049&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2887&msz=1920x-1&fws=640&ohw=0&ga_vid=1331834235.1667610324&ga_sid=1667610324&ga_hid=340127624&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

152f839f1d2ed606614566a6933a38b94d57343db5762619594156d2ecb69b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
311 B 170ms
80ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3498353571134611&correlator=4458453444302191&eid=31070711&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&sfv=1-0-39&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667610324306&lmt=1590667965&dlt=1667610323175&idt=1049&adxs=0&adys=2888&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2887&msz=1600x0&fws=0&ohw=0&ga_vid=1331834235.1667610324&ga_sid=1667610324&ga_hid=340127624&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11fa7dd09354bb92a7a7d91957829139dcec442cf9b97425d9a09ec5b96538ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame EB88 6 KB
3 KB 187ms
47ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:24 GMT
expires: Sun, 05 Nov 2023 01:05:24 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 180ms
93ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=1331834235.1667610324&jid=1569359455&_u=6CDACUABRAAAACAAI~&z=789533630

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 147ms
55ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=1331834235.1667610324&jid=1569359455&_u=6CDACUABRAAAACAAI~&z=789533630

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 141ms
55ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=43879593&_u=6CDACUABRAAAACAAI~&z=173058821

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 145ms
54ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=43879593&_u=6CDACUABRAAAACAAI~&z=173058821

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 138ms
53ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=215565248&_u=4CDACUAARAAAACAAI~&z=1781646476

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 144ms
53ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1331834235.1667610324&jid=215565248&_u=4CDACUAARAAAACAAI~&z=1781646476

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 338 B
1 KB 241ms
116ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e5fff229-b0d4-4408-be86-fcdabbb36f1c&l_pb_bid_id=2abe4d1f0bdf86&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.6239231516820416
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a76b33dac4c383bcc7a25318187f835ba0e1e8ba18eb68a53ac4a7144ab8a36f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 338
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 310 B
1 KB 239ms
115ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dbd93a2a-032b-4150-9061-139b566a0ad5&l_pb_bid_id=3cf66ffc41e25a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.9214590414814177
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 37f376a73f39392070af85e39ac5c6be73777dcebf401a4d485b0465eb23b0cd

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 342 B
1 KB 236ms
113ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1fb2f4a5-499b-4222-acad-a440fe31dec0&l_pb_bid_id=4073c3cc77c41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.6079658195345694
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b466c1db4704e7378f48b5f8b6883f2487f52758dfc48c2ca604b25cb5ac8856

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 342
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 340 B
1 KB 264ms
137ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9564cf07-f8f5-4609-a15d-697c8fb32269&l_pb_bid_id=545eed91b68fc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.4357171206721142
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ac2981f24edf55887ee6a667bf1d0234e3de3fcbea3ee3bb1aed214b2ff3e0fa

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 340
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 241ms
114ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=7bfd325c-5b58-49f2-9266-6ec5814a50d9&l_pb_bid_id=65a06e831a8592&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.12426520565972932
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7c7733a7e768a71fda4b684ab4a9ef7e318600a519671e965be98ab6960c07d0

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 4 KB
725 B 30ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7565e0142ebd9f54c2ff452f90ef96a06b35ed67b20689e69abb801a77923fe8

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 05 Nov 2022 01:05:24 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 414

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 161ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Sat, 05 Nov 2022 01:05:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C25...
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C25...

593 B
1008 B

35ms
35ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: 3ebb42a42d0bde44e111a2d63ff241f9bcc3799a9e411c92e1ed76df2c42d5d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 05 Nov 2022 01:05:24 GMT
date: Sat, 05 Nov 2022 01:05:24 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 593
x-sid: AMS-929

Redirect headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.16590356658287275&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9
access-control-allow-origin: https://buhgalter.com.ua
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-929

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 136ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Sat, 05 Nov 2022 01:05:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 328ms
48ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=74685657546

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 143ms
42ms XHR
application/json 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
AN-X-Request-Uuid: bec2830b-90f1-413e-8538-df341a2c3a89
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 503ms
199ms XHR
application/json 3.69.126.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.126.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-126-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5a7574d6c4f16ba782edc2cda407bc438b52dd81bccbbedb647cf318854cb3d5

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Sat, 05 Nov 2022 01:05:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 88 B
889 B 405ms
335ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"58-/hSBaI8EP6Zq6lRnBN3lI05bllY"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 166ms
49ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fafa5479d243e29bf383205610f403dc1e1e77825397efb346e27970b6d21141

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 168ms
51ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 285edc335fb41a9377365e2c594776895ef1c517630a0fc924451bfebe8b8296

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 166ms
50ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8173e00067&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d700ae77216a20a48ecfe5b065869f22113029c0398a66c567e7d097a788033d

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 166ms
50ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 681e9eca26f5da24a3fca2ec30e0a1615deb2ee5e6e843117ac82489022500ca

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 166ms
50ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1be0d5413a37ceb76ac7616b5f3174315878e50e52835c67c97d69df9e98e273

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 193ms
77ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b5bc2ffb01d5a2cc94dca3b37aa5042386731aebb441b5f1f548cc7eef0a0885

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 206ms
91ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3a7fe21fbdc30a51c25ce995ca92497fc92d1b9800c52073de554863621625ef

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 208ms
93ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad8103460074&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4871f1a4b49f6f833392c1c86533273da7cde1fe452d8c518592dbdc4e9bf29c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 170ms
54ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad829262007e&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 70fd72f7d3cde0e0d476edf7c562646b029a0f78d3f430475434dee123d5f5d6

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 204ms
90ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 89ebc4f90c46f332dc50e0587d30b6ba6f3c2ee2ad73fd303508c48996012dd8

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 239ms
125ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c17ad4d252a901fe536cfa477eb785d99a6a27cb86a2be017b32750e908fd61e

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 214ms
100ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2d505760a7beeb8e418aef95037d4bf0e83040a32de39ac3cf9e70aae9fdf30b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
95ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fe62ea519a5ecbde97359fbb46aa01d61e754a1bc7b8aa9e8d7214718af3b773

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 202ms
89ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84e4b00081&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e7cc82c2f80285dc5822ad6e9412f3a6fe431c52bf88f2d37342a7f562f7a9c9

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
92ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fbbdd11e5206d320d0fb1bb5e15ebb724e743c6c8fb9871e2536c96d43fb7e4c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 211ms
98ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 258d50dbf4cab23137a3412959435104c330684a7ccc9dc1ce428bc51231901d

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 222ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 070c6a88baf2c4343d160947a92bca770098ac95a360fddb108906450e2cf06b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 330ms
217ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c8726cd8cb2197ffa7ff14488818c07eb30ae350e3ddcce4642e56a2b864cb57

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
92ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 26e4bc69cfd0679a29a6a025a24ee83101e9e07099cd32d3e304c48cad7fb383

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 201ms
89ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e33ae4ac9e22b7092fb0c84c566799270dfa4e1210213a2bc9868b5ef43ec62a

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 202ms
90ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7b39675aae03b1051c7a4f604f4ba06543bd6e1fb5e5206be310ebf926bee7ef

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
97ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d99afc14ad1bc9abfe0246c93f4d8b4bf075efc128f4f4a6f5f2261a71454c5a

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 207ms
95ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4007561f50fbe870e767d5b1f455574b5e1fa44d6ed996f1fd16daf6f34b3f56

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
94ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b67de69ac38ef466efce7caad06bb16a15142c1a28b4889a380eacfa684c3e20

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 199ms
88ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ec9a6a134495fc31016482ce1ce0d49e93109e58c7309c7480f667c59e9a1221

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
93ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fb43b5ce4c02877bfc43b15a4817e5955e3fa594c7b1b6f9dd7a0316c0b7961e

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 206ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 23e8a3b1252dc6dbba72ed3e85f470ff7272b0feede620c5656805d2616e1fa6

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
99ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 069fa4a53ecdae0cc19bdf1670cb417bd395f8a6992713efb2c35352d41e1100

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
99ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9470cefc06f77a5d581924356175da48eae11ea730fa49ee52b3485780cce50e

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
100ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 0ec6ec68e76060e6e0f198370a11ad3dacf581cdd43dff9ea9f7dbb4ce9c351f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
101ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a6472dfc80c8f802f77d5064919c2a55627874b498be25b655ffd9a6c80a432c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 237ms
128ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 535946a252c40c77ab43e14058f88b772ba7c0e1af48a832762e03f8d61de97f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 206ms
97ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9a467f82075614b11fd7b0ec72010f8387c6ad66cdee4c8971384f0c28d6d186

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 207ms
98ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1bbfd61c97a054036bf74ad64cf26a5fdd5ee76532654241cb14cf5d64577b0c

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad851b23006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 94463a219c41f4bf2e6e50b2e43375884d2d062c3edef9ad87a7c55f2a84846e

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 207ms
99ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 24cf3401a026a6badaa51cf22fc122483fd3e44877e0091060a55813d49e6ef0

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
1 KB 237ms
118ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&gdpr=0&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e5fff229-b0d4-4408-be86-fcdabbb36f1c&l_pb_bid_id=92738180eacfe44&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.785528709133577
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: db25cc3dc4d02b365412b1014ae2b3ec47f3e670fdb31c012f38288222e60492

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 343
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
1 KB 308ms
98ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&gdpr=0&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dbd93a2a-032b-4150-9061-139b566a0ad5&l_pb_bid_id=93aa47980168ebb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.35071697080499376
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f9bad2aecfdb39fb2e9264866ab025389bfb131dd233074ca01b82ba4ad86bda

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 311
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 326ms
112ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1fb2f4a5-499b-4222-acad-a440fe31dec0&l_pb_bid_id=94f50008598cf8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.2700880570133346
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cc023eeba3f8f45637a71c615b0c02ed2ee17aa1d4f3bd4c6956315fb5d1b1ef

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 321 B
1 KB 329ms
115ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9564cf07-f8f5-4609-a15d-697c8fb32269&l_pb_bid_id=95255446f427f26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.12231052091257455
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 24c8e6876d97d0788bdac327fbe14458c5b87b9dd8497c81aa2e95e71153306b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 322ms
108ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&gdpr=0&eid_pubcid.org=3e1bd50b-bcda-41b5-a4c0-f29f148a8be9%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=7bfd325c-5b58-49f2-9266-6ec5814a50d9&l_pb_bid_id=96812548a2e2dc5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.26132858942856285
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc74e2c1a748e40c4f6e9236068f32592f3b84435d06766101f4a456b9d49ee4

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
564 B 221ms
126ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2297422cf1ccbb5b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2299f976ef12293a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner%22%7D%7D%2C%7B%22id%22%3A%221026a62337d6feab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom%22%7D%7D%2C%7B%22id%22%3A%221085be516b3928ca%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner%22%7D%7D%2C%7B%22id%22%3A%22113f6ced157bbffd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner%22%7D%7D%2C%7B%22id%22%3A%22114f4b974986688c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223e1bd50b-bcda-41b5-a4c0-f29f148a8be9%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f09cdc828de6fb873d19ba69903074f0ed9092960b885e3be1569df45160c6f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsHRundVRnatsF4m2UTDYe7jgtnOhmF55WGZNYrMJokmEfWLINBFDrq8D3H15p%2FJi9v5dkC2%2Fc2jl6iJyhKww4fm5jzHyPSXhO0RoY7I%2FQ2QclGjSEC2MYIGV6niWCHxWXgmbiDC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7651ae503c61768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 z Show response
s.zmctrack.net/ Frame 098E 102 B
451 B 70ms
70ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 84e0875f56455b8337949d7447a131aa48791ade7f793447339048ddab9b8f16

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 39ms
39ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JGPBVQXCWHA98Y0W
age: 1368503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: 468gh+xGEZPmDfvADqNgNdV5K73A8zl7qg/RlA+XFefvfe48TVB85Xqc9vDgDaRhjySDZCmks24=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dABk4597t7Le%2F4M8ZRXnNwaaTOgqBOrF0iaOwA6Y5R6LlqdZhpShnLvZuRD%2FSFDQNNu66aT32s75HvJ%2BQFynh%2BdM7btHbw3tIoos7r8kFi2ovpMNjzKUwYmV%2FxYn6KQz%2BuKJSxYjZzilrzq0NzEsVhoW"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7651ae502f637529-LHR

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 489 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1000 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 1 KB
1 KB 36ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:24 GMT
last-modified: Tue, 13 Dec 2016 08:59:45 GMT
server: nginx
etag: "584fb881-490"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1168
expires: Sat, 19 Nov 2022 01:05:24 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 133544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:59:40 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F14F 0
15 B 40ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://buhgalter.com.ua
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://buhgalter.com.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:24 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
51ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 136ms
54ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
23 KB 533ms
533ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3498353571134611&correlator=2472043172147014&eid=31070711&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&sfv=1-0-39&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dad0dd2f4a3d05eca%3AT%3D1667610324%3AS%3DALNI_Mawy3Fna8h4cuDhBIZAjHfO0on0vg&gpic=UID%3D00000b7cafa448b1%3AT%3D1667610324%3ART%3D1667610324%3AS%3DALNI_MYEoM57X5r7sTYlDsIs3ZkZtnCKdw&abxe=1&dt=1667610324907&lmt=1590667965&dlt=1667610323175&idt=1049&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2592%2C898%2C1233%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1331834235.1667610324&ga_sid=1667610324&ga_hid=340127624&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe555c545ce31ccaab91b006de8641643b03a6f711ecf2f1b1a595dd55e414e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23892
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 7985 6 KB
3 KB 124ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:24 GMT
expires: Sun, 05 Nov 2023 01:05:24 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 0AF6 6 KB
3 KB 118ms
48ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:24 GMT
expires: Sun, 05 Nov 2023 01:05:24 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6A60 6 KB
3 KB 111ms
44ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:24 GMT
expires: Sun, 05 Nov 2023 01:05:24 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CCF 624 B
242 B 142ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNXistUBMAE&v=APEucNVLBSArRNewNW_5wjpWVeEwWsUNGFVlkuNl73MjlJsdXw2yk1w4u-CB1xVfW92SwyLs8A-pROYK9oP5k8vVpwvt_iYJ3lss_qfrJr2hhjp3c1jfpAaQbw67fvp0cl6aAv1qoCGb7s_444GzA-4EA7hz8Wzk4nYfZt8aPdhXPo-QwVVp8Qc

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7985 28 KB
17 KB 189ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWBJibcQ_2or1JjcabGiR8iF7oVqE5Dy8J3OZMCvdkM_R-EO2uEZ4tfxq-TKGXegxrFfr7HijLcD3xrmKljX8XttewqtC1hHRSJvOd172ub8lu1fHWM72phjyqWbyhr3YGoehJRK0xIlg8k9Kw82C8IxqJaXgOMANxxewa-HVkpoTQqsY&cry=1&dbm_d=AKAmf-Bx6L6Qsk2UbEOb4Azw6CPR1oevsfcS7JfopdAmVHyBJzJWtzGRVRzYGocFairSBIUWXTzzKFG4og1mS-Bqnre7J2PDxr5mvRTPejzLLYCR1Fj4MyJmp6Dy8Vs1z_WhsXbjkfTASXf4FURY_kHh6Lf5vErZcaoLQNsvKJwJYP5IVD3mTlYNncbd4eEmZC3iQUlLj7q6mN1noZ6_Xkb4ZybawKGbLBPfXlDcb2SW4BxA5JNZw8HSOed48dI0Vw3AFrvu1e70pkvIEHbslpq6En918ktPYX3-Spj7WQyU9wcc-7bWNnuqm22UVQC6RgQjNLODG-LO87_DYkIalb5phlv6O75z0prBy2T-PDKt-HhVzCdpZtEqbVWZaWoul9Hq2JIcSWrShisWIOzPzmeKas1FB6iWq-YJE7H1lXaTWc4AshPiU9z_LcRjHExqfq92xBRjNFd-ifa-E3KIV-YHz0x6eIWdkicNpBDMUIEL5e01aTniwQwGhFZIXrZUoB1WaTJ2TioqO1ZuyHAr1m2ySHDrle92s67OiIg1KhrBlGxFL11vcPLXCLlljsNdPmqB0OCfYvmxrNOId1zCQ4KKrsG7SDaGwT0eQ0GfXuoY2SVqd2R4Ju3Pz1uixr94QSBjkOgmC_sNV5MaMxF0YTZTldpMC7BO46pDTzfHJFLJciHfdAvP0dH0qc9QR40IhI2CGQB9Bkwr4AnFyc_njEEC7WTGK_FoqmZ0akPtqsxl000N0Jwtg7nDtYFfryc387pgGGZf0pxdXmOATi9X3Cg8zh3vbjResVj7GRaWtCJm9H_qWa3uul-fvdTuDNEWbwp_Omuko98yEvgr_jZWzQi1hlQCojeobbUgi3VJToeMG6k3bT7KSpfXgYabVu0KQU19nr5DJ3fJgzFjSLR4QdWiiv0UAYVktMN__BObVM4wdYWUIWVTPmIxg-nF2Zy7Jdz0bnObG7wByxMs6fDRCqF5TA7crtY3v0WgpaNE-tHyG8qkyK0WAJKWkeHJLM3lko_DJfUyQ3K2gIucJKs_bQfFIEHQJd82sZKwmAAQTLKArpa-a921J7U1Wu6GFAJyN4k_AzECRc6M-_yvxgdt2-hdfYpPeA6QNKsxrcwEb_-WbuBzDIds1Jiyt95h2kclNdunowbyQdmxHD0eZnbw9orJWZkwq7UY5Eqnp0yqR9KPs25YcC3YH4dIHrr5psCngylb3CDDrV7nuvlS6yyPubQZbxw2kml313Fv01BQTxYAiCJ4Qae9LaTgtSjE4WeLV-F5q_KT3LKLLnH1j5-9RBi2_wWIalxHLI4c7Hl0B7eT1TV_Ur1_SiRFkLHBCZgwbIgzWn3tPWNj-DLYSw4o00CtUt5dGaVwKFnvGctXqCsNLnYkOfdDENVFy8S8eKaYkI8nOL8iIwGq1Kh0N-j0N0BlOCK3lo5Xn9XCLnXnpYUe-lTfwzTOQxWK8-_W_kkwxsOSbQ1fdZeZG85ItrngKfPAK5pJhfjImPgiFOK2FZ_S-Q_GmSoOnnmjuVf_jjn_O3UqQlWH_w9S2ix2mu2cmU5y0EF6c9AjlgeYwEhqUlASY4dO_UObbuJiHA-Yfuv7DLECLqZNhA2_N8XSFrzoRfOmmKImvMQ4n4WbiMyQgvzecBr-trwmuWZPE-ejR8TXjK-gvHT14qEJdewAGa_aann3Lfqh6-0TYUjhXudOcVMsbNR0xwU01gMlBGuYKk4bDupF4JwxEHjFo_q8uT1sMR8fYG_sxyjZg2PeGr2CE1v6ZaY4yu-A1C9KFD1vzf2g3q4mDW0yol2c2w-df6VG_W-yPBOeFtmjmwgRK_HrqNdPTG1rTTjoGtJqcJKIg8GWXytbcBjNhMhGZOAkxP63JwzeT399TdwLsThwKa0u_v2adHpwQjZqzs-ToNWJXA1Cm-bpti01gov_e4IHjtQypxCfs4EDwUtiMv2cJiJNHzUQjXm6k6-WlGGlG495HNOcxLAyoOR9VEDz8k-iRyxNOORCZzC_-64_X8l8_LxHtyyksN4XCWpsN9cSVmkIgVe89k2Ua81oGTkOqlqZYBetAGN9pcfiSeJ3ATleUMXi2B6Vs8pHaJ0rr4sS1KFrfJmgqWgnv5VEI80ZQI4vMnEhZe21WHbUCxjVEqMRWynUyqZ_TX6jl13QUf_fRkNj7mMz5N2KR9cgjEidAEQYNQL-t0H9h8CFwYhxzYZfM43PG90tD8XxiJglPs8aTQPe8QfcuBx5lx7BEz6Wc1g1DMQfNDLrCY3ltN8KKuovd-fBW8eriTVuQlZSO6cpQI3cAjsrgrllIN7qwVwdQOA_glff7EfayRT_oryUmQa80xp-2lt-Fa8UKSqj_KB1m1XlceqOFr4mTVP1xI4922E6_XsZqhLyojMrdXrgWUg6hUdmiaLN5eYjQF0b3A1QRtDU__FpjVlqAzHifkvqfGELcPTm6vpEQRRMPRZyP29RiOQAhIPbp2mtA0b-bvGT9Z3eOWMZL0fsJV728Ygc8tPIsePOFVjkhFdcYty9SWoS94BTY9Dz2PLjnDn8yYF9Bk1MbpAfY1v1cq34oQomknThh_er1P_BLYNO1QbxbjraIOJKzszW2ohlCmPV19qUXGixkPnUhWqQ5SflZntkzJLSayvPMeeP04NTgcfs4gGsNqP9zxjbxI9mjqg7FMYcCCH5MTrI764jVyc1H6ewBUiojECQgoXi_aLvM7Wnapzw3wmDpi5zjffd35mVfiMxoS5yhNlbOPWM6aV93Z1tty8QXPt0ib3L64SaK6PkA-kwuwTO3bVasRRLnFsL-FIlHbY1HVuer267rqdCspetnbWwvFfIFtGzfC0oSdBdVAc4r2u_yyEOKmnFOCgFWY2scFO_EzX9indb-1ZY_iYd3N7zZE2Qk1tTzC44oTizyrhKRfu30CyebMXBh95uwha58Qh_2E5YW7HE6eG5Wv52WrHmwEp0nnfRze1DJ4DRmLBoieWBc9pkk4CwOErq8oDsUGmwzFsGUXK4l9t_JxdHAiT3JStbAIYABNXGNin8FcIM5bRNcZTbpAktuO4MXJ7Ngc56qg80ZoLwtr09VxJaQLNEoqhMtIrbGjdETBthPHS2_PmdnwByECTqLP2-ZHfULnNKdH-shyivYsG3iFCh1X6LKpzxcTkhwBEWgIjtd24gbmYdUYF7GpQB27vzvujJhaXj5H4PQd_EFKspypbK2gWrFrtFejAN44ma3quYOalBKg7C9ANGpckMjJ-UG4ZtvYiluBA3UymYeXKojXsr1vMXqr_y3xHpH62pY5BJf7Gphs1MJ47-Dnu-x8SDklrs0anjVm9_GytUvQLVkFGDezAtBzmW6ba4Y7W7IhdGEEyb5R0xz-SpIBWVctdO1jU9W6VzSoq84hDlU8pYEkEVFWEd_RULuo78_s1b3jntQ0VmbOdmmvc_hj1oFO93tCwDNn41Cdyxj8mGDVqb_FAwYGacgpfWS3UzlR5B-lL_g6_CGITOGb1NwLPTiwi42wd1zkLt_OJGMbh1HCMVwy4qEsr2w4E6tqVgPuJJBDBV0StM98jG2orLrlun2cfbsHpZavnBOMXX9KOdXqrypWKKDJTw1zFvzfbpkTd_F4paYvc0J6yHlz2rbRbN0Xf2lcS7x8hpnu2T7wRH4sY4ya60CmCXO3xFQvAQd8SiTTYDrigUAdDUxGn9uIazAv7EXSzTVsqMPcMpRrEUCQ4gmqQ5sqnvSIl0l1wnPie8YJ1OSXkB68w_ptHPrqT9Dr2Ja-XUPu8ZA_9aWAFPXDit3RD-B27GcrqLi1S_yRKVgVUXkZQ2Pg-LujNcouzLG_YADhxMcT3wRLBBVjWAJDOYx3Zc6p81NkHtnC7_NBzr-XGEhM98tlQgekssEdJ3qo7xJBipuiusjxtUSItdvXTiipFS&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f0661ae223a88b368c6d1fc5f21ddeda89c000c1540abe9ea36e923d355062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7985 42 B
494 B 165ms
73ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRS2pVSHN36RplL_-z-2rzISNHMLYFTvCT2TlenOzHVQNRf36h3jhKv_z3GqjZLBdsnMAkvv8pNb9UsNRPbMXQdn06pV4oB3E2sN8NmM0iCQCxcYI

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 7985 11 KB
6 KB 259ms
44ms Script
text/html 3.67.219.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCNpq11LZlY4_GO5Xmx_AP7PGTkAOZp8nzbOzmkPvEEJnojpaXMRABIIzloB9gu4aAgNAKyAEJqAMBqgScAk_Qeqdq291XfCyeCPvssjYG5kxvkxm8Y1mNDUKS2B9VHA83xd-m2-YM4SxgE8D857XniPbpIU_lcBkRlOLOXN4-2pTJ0o6SWhGxSIj4nBygK-6LwOMVjxLqyoeEgIdYtDldT-xB0EXSka952ZznL-JBMqFbtL6lHY-SJNaSF9s6jOWvPRGK56U3bzspGjGIy7xZc0veZbu56kvZZOXRYYAQ5eEYzcbhNtzNHeTQirYevvOyduD6YCUzGmO9v0tZmSJtrbFMISu9p2Ul3THdR6WwV5F5VReE_yaNb__-6Bue5STaVv0vQw7nqFICPmGm8_9PyW3S6geqNvcQJuPgrcOn9s597fyofamO8G6Uqm9B1NA5yQ9uwG5VzSYLwASKpqKYjATgBAOQBgGgBk2AB7zu-toCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoBmAsByAsBgAwBsBOe3voQ2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4%26sig%3DAOD64_1ofbQ3-xk07seAXE7oU-Kbd_2d3Q%26client%3Dca-pub-8618771545316321%26dbm_c%3DAKAmf-CYzyDTILuZjRqJydbneAvTrm2Yrd28-JFc8DaPGiebgUAL0TCwMwViITuosuRUq-Rdk-thHwqfa2vocsXEMppel9gcKyy2LODiQkuJjezNbyYmYIvc_zRN4sB0i0SyRZDGWgOwndIVPwfSWZvAe69ThKo0whfd4zhbLW6GHZqF6_sgMtA%26cry%3D1%26dbm_d%3DAKAmf-AL_5dyT6X76GWFTWAdIfd7YC_Lj_tOpI5RHhV9hjbdqw8xNLUTcyBKCExvmiREn-BHrIaTqp-gvNrxv8v0OATvn5vMo2leTmrZTwT_t88rb0mTkQMSIesYz9OV2oyG5GkpIssNg7BJCm0bI1f-fVrgVyOd9KugX6_oM_OAKuls0dZDqkrosFrgu9bvYSjYaSd7d_sbbKIaPO8h5j-9HebDyqREBZg1kKgprSGCsW5hcsoel7wrzrdONCrghAqphKPcfK_luJVCgC4Z76au6bda1uOCw1jBdK-PquB46JiM4BJUlx_Baj0I3cQscsxMBtqdfvmOGtDx4OPl2MsmbbrNXweag4eeo--ye2ISK8uwKPwymHOIKsVKcgncXOEv5pbO4kIW5Y-EFRYHoEQWbJqRM3pWrYLnAHTLNvhxllEr8GSjOP3CKWhAJJexL5eaoo-P1nj90F7atRc6Mq8Av66rHs4OGKWKkvQDQ22UUk_jl61ziyscaHvSnRgjxKFsKFFy_muRO0CwImCG1RRsYjyWAXe92iT1tJRsMXBDABwJPqByzpYtsgMLKKKoxyGAKmSWqPv6%26adurl%3D$$&c=28&cn=display&pli=1078476873&gdpr=&gdpr_consent=&w=728&h=90&ord=[timestamp]&pcp=$$ABAjH0iOVpjtZlp8NswF0bSo0g4A$$&z=10000
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.219.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-219-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 937347f7c164f8e01afd5ebf1a1096c0397ab2fdcffaeac813a96100d67dd580

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 5268
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 7985 3 KB
1 KB 194ms
76ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 23:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 23:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 7985 17 KB
8 KB 157ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7985 0
0 49ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX61uT0rUzIt34hZWAO9gpk4YeN9N0UBB_E1_N6wbbGuDhrPjYOmRX3ddyG8MFRFxhyng6XS3X6LOt3Bk69-cvmIfc8Q
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7985 154 KB
47 KB 163ms
77ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:05:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DE49 640 B
262 B 135ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E53D 85 KB
35 KB 193ms
120ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzA2BAw8EQaf9K_WGaFvP_BaF7WwLHu8ssUq2XzboPkALpVxEOuyxdEcoYkyX3xxs0sAOkaIw5tiSDnCAPtHQQyaC9efHHn7N3uVCTuIh1BGPgmZAksMHtoDEp7dslwjHZSr-RXv2ipJp1hdzZmyHjRoy0fGeR9jpe8wiJhIr42g02xw&dbm_d=AKAmf-Cp3Apy_ROb75v5bmy6mvJGMEUFbzvKXPAZHf88UpKxtO6L6WD1HH9RI0YPQgskxFT_nZ24iy2EbSfUKowyefk_m3beVFB8P9GxyrNezyJi_5RVfLyTRJ6_uZpL_ncaMd1twfFINDi2l2-wrVo8q1uzxbeZUQzUk5mKI6X8trGb2hZJU5Itskkiav9o08TTC3fiMl6O7O4D7NcmK6bFydnsEp8-XzJN6mHl0S_2APJ6bggeLfUgQlOyCC6JipwLkc8HzaqjF_zQsp_CSWTpURTgLaYgeAhrvywzBEKe_V8NfKMfBBMluxre9Xl_WhHML8rNSlcR6W9hxp8ldi6-SGbIvtcV2XgUvqESI_5SoiDwjQT9p__M7VNS7B9yQwuEQRME1AoIigqHAwjwqE9DslMmSTYPyTftAjAEDElgZDrzLUY5yCp4-x69ywy1OKUjC_u_IBi3Pgeyhe6k8lrVC_c39HNTIQAziG9dX3JRbPO-URqnm60-UO6GTrYv6Grg47DmEYvRgJDa76vMnjUS_zzkInWuqxdyzlQbOiLG6GhLh25mVm20BEHw7dxFkOQxRXFfkEK3Ss9AsaPKJp4JMyWAklOdNrLNB4IFa5nURFa3a-vatOF2woaLTfNg-9N-V195cIIOxotuiuFDUltvwNKgJXRDjFYBCtDIEBZEYVh6ZdnnCrB51iy22SrH7M7eL8XHEwhu4wM8edq0iP92IkZ2sy8PlRqT6xNBs44PZyHHQ5t8Iehfl4ZVWPlEYjzA-ScWexWNnjD3RfJHKVeO20dl3yTOb6r3nm-21lKDhYlgxop9TJLN_anWE3Q8jdXueyvgwRuwNMDkfjCAGbpc8y1cf47EnC6YiearSrHGuGy6vF-Z4AYWpLTcnaIBqeWQ0P1AdtFjJqjykbLK1Ik8LtXWP3NChGutO8Wz0ctzys1Zjqxd05bPIT4T1bnzws22WQdCIVSwVXoLoeEC2nTWv3aBxO2cA3Wo_L5kuHukoP9yh20GTpBlZi5niYa5pkJHdk7HZefSr6ZhVbW7PZy8r-4Ss724W8ZteH1zpgkDwgYymb6bZkwGtzQGdrag2I0K7sdFTavwFeFcHY9EoB2r2GM3aaHXrS_x59oUjPMtwAmgsFqUNndKeEdfdExSnV8hEBXl-dFM7uhep1ZCKzkk29ZNpHmVSiiMmZgA8yZq6Br0SHBOs5C1-QBaW7NyQFm1M20KycbKRanvEQxElXFWFfrEHhpGSAxIDk0xkGLO7GHEN6T8bGjtCzi7aoib5coc5_DXiNjcuCoR0KQqNcgg9PAV78Sz6YXkQDYNw0P-A138aW8q6BdGhzqNXaELedS8Uf6qwXelaH898RtupFLQQCvuIzkadRhfZqxHsvqTpcsvRVrBOqrUXdSCJAUtZdaH0XD6TSeygZAuJRokg9msQ73FMxHlhGxjfaFAJIFObANMNbPxdfmqHt-7p7oyUZZzkdi-f_HvJSJ-HOP7MIDEQjvTzv11NKqjq_2Hu01fsbRCi0gPfmkYIZE8VYi91ro4xqzd_Qfs1OJVgDZbtP_fZbuzWoxF3gGzgtnrbmr8F-8gtqibtJjGwaEv8pg8ttxIAwRV93nlTxnhwIOHPKQuFepE2A9Q1P5LUkYfXL8NvjuR8jr7Kdw1CslwsgVjtZim1Dz3-p9lp6nY83f0TXPHVFJhUaTSyx6SNvQQTd9qh9i681ixdAZHLFh0JpvuiMT-adFrdCQqubTJQyTj1J3KlEE1cllr5EoDkvu6Nc839Onc9aQZMKgD8ZUvpDL9O-SDUqQxkUDEjoH_u_evZamOyMeF4ydUhZGNLErq50Ph6yfiNFyp3jXUWIlxgkYe458x1TpJcUzl-pzi2YEDdUGwkcL21K6DSBE9hD8MfVtHyqCUDnL8v3VSEq90fjKrtKU7s95QslDHTCL4plHabBWlvk76XtMoVLI1Pe-hRWyeqbbZN_zEZO4WCcOpuyiYuqz3eqjU0CRVxhT5Jr9WDxS64gz_etZYVS9CjsVxisjrEz9N87F9IdDMlVhjbrItkAYTjHnmjpHBn9uNxGNbvSPM64hgb9rCqH2-bJaQhlmbg3VNq2j0uESdgLuhi8lqGGQDD4ftyaBTT4EKSecYU7nV5uU8WJ_byoZZzrEfzeV14x_y9qm1Tj-O8GYjDhj0ZuZEFRPtPfFfBFaiwE6g1VGlYS8fKnGfppmgJz0u_1i4GC1lIJdcKClJjer-Xikitixvv_v1HjdVllESIC7SGKSxZl55RKNe1vyZAN9abqg0OZReRi7Eu5f7_b3SmlJSwKapuyaC25BTcbd2eac5ad4yTnkh2jTZgpaDJcAi80pcRbf30wCf6iIzio1L7jEGCdI1aRPK4a85bjyTi2rqDOVHa1oG9BZyE5xd3ySLZD0jOSEC1PEXSuTiKkrar17kN7buWbx0I6cycTdhU78cQM9jVz12P76AvVdM5OR-G_0YHErcVX6u3SUW0TYnsjTBpKT77UIGzwMyRifxCLtM3D_tk1z0yUeadrIIl_PLZLS3HLw_yeazBARUIF1j-N2m9V5Db9OWa3BQiYM1sxKXsdnEIcz5y2Ar17nWeQSt9sJLYgdv2Br5CKqLESq3ZSprCBObM9Z6h4WqanONie0ay10LODGd44OAFNMODdS4kyvNh3Fjjp_G6kTBqj8teP5Gc6MY4IHcb6j0qsJG452OUVYmNYtXxL5zmsKHxqRRo1iIJ5u4l2Xm0QDigqxNb1qRRbwPSSP98t7B3O0LNIFVcFj4Mpm705gAW_HuCtB9Sa5NoHGymI_JPJkvTChp6DPmwfcO9FMdoGC3DzJXgxXJEpUXo3POCDdw_vz34ofCfFwPV8AKOmGNoS5UUNobJnU8HDRSuURCaUmm1nF48n9pekoZ74HWylmH2DvbCO4R-XTBwoifQiwkuknBRi0OZCpTN7d4JHZ31Xni_CxTrsMFTLJYfNEJMl6eiMNlEMoY9yDRZ-iq0ErmJWXNghr-1XB0Ycm3cIa-Ego4gTS83yi1gxRu39STqTQZEm_KOlXbft0So9bpHw6IA3hialbo44wUvRyh_DIA5NqnpE1dkenDaMkpxSpkeNZPZiSMELstsZpq7nWBuvoEoeBQ_gA2voe9kfckzLk2F5rPR9pgnqtqwoTNMX9P3vXtjqk-Em3pClPTRH7mIQUfOLgmbXGRLkZT818BDqiF0XtWMPn7HhkexbY17bD23m0jk9HHpUo_tVhHPz2e_HHtNm6zxVnNFgshebBdPtQVbgEbZa3fyi3Zg0VcmBHjgCGn0H1oKrKnaNt7PggfkuL2YYe4DRMBTdpVMQYmq8T5u3F0p9-E-qOsk0SAiMWkwgt362ryBuYUZ6EBRvet1H11-9UdCQh4zvF8G-rKn58R9VACGxyHK8GbuG7CmbcHTKhyGqzwXR_WSooDTc6WR7MmxeFx6a4bi53lvND9Dt7_muvIW6B5nOAIjNbR21pecj8L8A&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ba37da1ee4d52bb2b9febb0e0375b7243505124cdce6c94328d11640ff785e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35942
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E53D 3 KB
1 KB 181ms
77ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 23:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 23:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E53D 17 KB
7 KB 148ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E53D 0
0 49ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4BhpDqiMCgjNKJ-uWG_pGwNQrEVayBBvqeBoqSxfexmr23zGm0S-U7JOMxps5X_fNfxJ-KckgP33zEy6UfzmJlZ5W6Q
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E53D 154 KB
47 KB 120ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:05:25 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E53D 42 B
107 B 151ms
73ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv4g0Uw9-RBNptytmWb_euXhSQd6i2-HLLa_dXqYWOHXgms_G0yO62ZkyB1fRzLyls_NJuEzP-bu6JU2Gi8-rAvluQAPTcaQgFUu92O42eJmvvumg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF6B 624 B
242 B 118ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNWXjBm9_WxRHx1U4DiIPuGvVXrp9qXoOsYJioDs931byq2jgOyfoUV-yTvgWsiKzHZtA721CVkpILujVnrabJUp5PEenmNLIeWS2Od-FRCZeeJ9MTAksEAOvbtSYff-JqNKquL3z3XCQEdnf2JbuKfqyxpZxI5-EwnJg6K0VUwKR-u4rKE

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0AF6 72 KB
34 KB 148ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar6MWhlnXMe7XZhxTAzf42wOs1h84zUx_hWrJubge_82X-dzlw9l4eguB0_Ezkf_4BbmJdTxuqwHQikxQAVc6yqRWYsg&cry=1&dbm_d=AKAmf-BNenU-kfa1aWIAWE2K83DTuw92z0W-4l7UGkwm5bNunzT4pYptR9AgHJMKrFsTzWfni6rFoHye5tgt97uYQZH9NGmGdhaTM6kXGlZapbvUKmvd3qPISml_gicQsxmPgiV59MQIKca4CSXT-f_eVNC7Atrt1ucxEpOwKFIMUBrhCtykWoQ9VF7YrhLVG57WnYKGTvSjjXfGINVW2SxNgdkXS7GYzNudqMrFOa3iu6ljT9g6Ld0KUguYW3nZ8lR2MLCXMSqE68BqfX0BvNkSMEIL2ncYxurGPpREm9YWyJ8-_GZ-fS331SIwerL7TWcw0QDgKxNqd7mRxIqxAz_xxPz8k7mf6q-09sqmbwq_5b_B9uI2onHtQKyJ15djlQWC2d6JUEQtytCIZwIOFR30UHdP6HuvD6kvxL9TWTPAOKpM7IrHVFQU54lk1w-YIwSSvPQS_I2Y_gl-wkVtrRsaOVU6ToL0-VauX4sbhDsMRYYIXOKM83rYpe4l8wQIXhUl6eQvg3OUKrtTDxdNRqjXPTJ6g_B9v8RHfEDVbeInb6VSFmmvgC75uLlkOIfhiKDWhaGN_Q_8WLs2vw4LolBGMpJidh8auMPBgxj5dgAwFJIFEE9zMjsf7CpjRlDVMmQWUiwvS5xMTl6QfBLZblrb7M9SyvriQ0Kd09WsjXbXAm6skPFM8HyeF7qXyc3fBboX2D6wnH4WphhZVtIHC7zamxCsJVMXIogpR6Ha5C1t3IbFNN8gNNJXCDnC2_Celay_7IYUPJvyBuGV6kiVNsX-9MRHuMh6SQsd4NOqphSxvslmqO_tBRTAw5aCrz3UKrbOGi8uztmYeKIc-52VNNMj-YelJiNR0kQ-YjR6bXAIjdzUomhYUOMYE7-8H0Wv6zix6Kgb96SgUZyrbPklkPBMBbfAz7xJ9L5insxA23MOHFsCwmDBaxLh7SzC0aYcKTT0F_0ETcE-DifVuXbMOkJPie8Jh7mFZaEhot5FshYn5ARN1fN58EQfMcyzptaCf6reFJ4fsKTOLu2pUmg9A12WCK1d8t3NdHzmmViJsyvb3QkJNrj2u8oEqMXDR7njXYpj56Z-h_r17UW7Vq3Gg3L6okEF7ckrLUTC6KPhjyINHc1EZf5_SDyrJ1FoKAZuteTNj0SEpMV7hZkCMz8_Xuf3rme6hFWCU8sWASfPExNuyhFlNCwt2m53HUav9IFVW42Y4MlEIYCH9_MSqkxi710I34MfEN9jh08yslXry9VoOWvmSeeHhsj_swEJcBbHPS5ItAEEj0n89cBQ3P0JWVUEwXQw6KD34NyWIAHxytfWobx9wgDED1DEINpIFdbg1wGGDa3ijSkwiOhxVT5grMGtP2bw6PkAiE4AaE-xlBWc8--KCONgg7XGFSRQ7T6NpeTM8XxAi_2EXUc45BEUkGT4tyUkWYR5GP_Hu8rd8u9t1svyA32LZ1mEKCB4uDybz7iMlCtZzI5P6cSgYP_h4tZo4xDhlp3S8FJY3uHgq_mmCxzYE6GAxMbKzBesxvx5l39wedQeoVgOYZZjEhulktZF2yaCbdcV8P1Rw5UzeYsXzPY5YI3l7Ate99HFTiCms4p51TEC3opnyxH22RjGKdgyXryYTEUmMG2qYSjQj5dDuhB8BasSVUUWe9U0SNAMTN8_sInOQXTpVrEnMmz6NTPI977Y3jY-iIpwAMm_k02FUkA5S3C1B8IvcSuC9PxX_9R3-FCz07aIw2Kkaf9_nCIO6ouqjwnFC7kL-A-GkcVhARY5dS_2ZIYNl5ydFmoDlPBONPgEPneq7LzGF0yrLjuZC9uONrFoHthdpforalowdT6KwyChSQRDZhPeQdOZ6U7JRD_hCPXeik271m4oiE5coGelPSCoWfiNrRoQyS_WKEmQ_ltcQ3jydkw9kJVTJa5GJRnqOXRwk0y65jfkFWlduCheMh9VoWDkHzRtxagXL8wHE4NLmYJQTJloLFZtCwUad8N0sd3rfaITZBnCuN3Ae5jsI1O5ZdzWQfvylGvJwkfOzDCQeOjKAhCB1r9D4wouyujUu8n9ImIz7FdgVBuFwyH4-IkWHnsm1PQ4JOIEp44Q0Bsq7WC1vCY_bVKIKmEKTB5EbcoKS_fRxReQwswzpvfzmXL7BdHAnLUjl94LvBDhO0Hn8QrfDDUUgWAv-Z0Bs3n2F25MQLqeNDCDnACe7G08U0El5dvuapXIspgiBQNxQ90RzxVd_QtJJ1SVxX0JFLJMSWGgH_Rs1ypgkBvDJrK6ABJ5h0w1mGXrc34Et4109xAsre78LoXCmY7ybT_fUf_cTJGidP1fVUDk92evspj2_GoUIscrRyBzmXxsT8CDjCGkN8obVzYgOIdtN7rUYGk5Mkw4cahp_yYxNAWtkEHu5NmgJ8AdVkSthsZwfiXpmwFjj6xURW2CXfca-B1hp4__mQqLjIYVEGuaJ1tftMVEX8z7c7ft1JrUz-kCFW66MNZa3MZ69bm4CeW3SZs_A_2ZI-Ye_LcdmwSC9KVEN9XnZFmZRGTeBv6ppH0Iq8U9T0sHf3qx09ywRvX-Zg5_5GB_OKEOXwJqPWq6ju-fAtl_zYGa2FJ375W4pq1V77sUmtYgrXWvkJgjHAjfU-oGE4mqD0weOG9nsSwkhsMKN5c0UhoIz0jdHToQbde3dmC05ThJYANcvjMtT8y5nFQqWeGzYBi6EN0UrbLhJAu8Uj2ylAjVNtYAOgDLzbb91vIObxIQONhyO-JbV6IZa0ogcbcHT-ycnG0R8JwkhUOvcY0_l5bsf90rg7jRmNHJi0NEzcDzQUz-YL4SuAJUikqxNEDeO6tV6EO1jLTrd9vQhOO_Zc-0S_pHcQq19SogVtNUGgxx3oj2aCkTeyWt82db0dlwCMiQKmogD9qlG-hRCrmcYQ6XwlPj6HK3miKouKHHLnGnlEt0mbAE7sXuKPw-VMhO39yHxwbP-Sa8n0HW3OCM24DiMeo6cyzeLQC8F1Itvfd24h2kMNq0yfF6puNsp0ahOlQDEoO1EM94adb8BA8nzEpjlXmcRxafjXoPTZOuRrJmLFx4ClY7Mox-soNjacxcG-eZJv6TIh52fCcXfGwGi-0JJQhR6pOeP3GKvHzED-VvSOPsiXYiJMtrVGVSXVGIQBJhkvZon0zMOd6rOu7JX9r4GEyClbKTN3Iz8D3Jtmy3hz-ej6up-jY9Uks_DFFLSkarqn90IEg2_5VQOqRRUVnDHEuUKNkOQ90VGZx594RcuTbeepaUMTpmO-gFRnz3MyEVRCn4goEQr0V62u6MkBly7cpqFS-_EmoFLYs7RSCGycp-LeykbF_EIUpvkeZjo2Eey6KdoYLgEvIK35GtMzJqaatNr6yS9RLNZORbsaRP3gx19chPhl7h7HIN_UNZNA9KE2mPfJuMfCylOq9AN8jx5qDgkWkI6yN4Jx_zI0eAY-5dAy6FpIMH68MkVg0FTXogQVl59vv4XkDgoqloahIBIYkYXP82jgNVQeiJE8amBFwzCNF9uEA-0EWtgk_SD6cr73WHbZJheD2Kn_LUDyMRg1PPd04atT_OlWH85HeGsjTElFxDKolo8N47J6QHYwLnJyrCUkeHRxFK5ZaFt0XihBAgxf5OiUr82WKufMPSuYtmmPmi-o2L9hPpiSvKD4u0COwdXauY6tEHs_DKE7vMXJfgjd9-I4YeLy2hCuJ_mj_aJppyXHZ9ibis3CwVkePiNNed-EbzOz0fIBbmKD6ZNmV2S9m9pg4RqduwB3oYzbTBXW56Wj35fO2izMFTDWv-Ghea8d7HyrnDb-3179UN8A&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78fdf1ca5c35b334ce8b24a0264271f2f5a6329272a9c64c455a654614979847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AF6 42 B
107 B 143ms
73ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgNCUaJUr9oh__hKuz08iglJlzapLeLIkGILkgAK86HefRsNqwJ3CfT5UKHZi0hHqJDw69dY_EY8UhZPnww0bIn9eH26YvXFqcCYjR4UMJtq9D0VU

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0AF6 3 KB
1 KB 175ms
78ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 23:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 23:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0AF6 17 KB
7 KB 145ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0AF6 0
0 50ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_SxLVXRvaveKA5ttWMPupNFsbFerr0zoRpspPq2bNBodSJdHTOHj3_HMCub8vG8ubfKVPxlD0uYQgfqfycNjuqmBayw
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AF6 154 KB
47 KB 121ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:05:25 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF6B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

43 B
766 B

74ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNWXjBm9_WxRHx1U4DiIPuGvVXrp9qXoOsYJioDs931byq2jgOyfoUV-yTvgWsiKzHZtA721CVkpILujVnrabJUp5PEenmNLIeWS2Od-FRCZeeJ9MTAksEAOvbtSYff-JqNKquL3z3XCQEdnf2JbuKfqyxpZxI5-EwnJg6K0VUwKR-u4rKE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF6B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

43 B
894 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNWXjBm9_WxRHx1U4DiIPuGvVXrp9qXoOsYJioDs931byq2jgOyfoUV-yTvgWsiKzHZtA721CVkpILujVnrabJUp5PEenmNLIeWS2Od-FRCZeeJ9MTAksEAOvbtSYff-JqNKquL3z3XCQEdnf2JbuKfqyxpZxI5-EwnJg6K0VUwKR-u4rKE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CF6B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

43 B
1021 B

42ms
42ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNWXjBm9_WxRHx1U4DiIPuGvVXrp9qXoOsYJioDs931byq2jgOyfoUV-yTvgWsiKzHZtA721CVkpILujVnrabJUp5PEenmNLIeWS2Od-FRCZeeJ9MTAksEAOvbtSYff-JqNKquL3z3XCQEdnf2JbuKfqyxpZxI5-EwnJg6K0VUwKR-u4rKE

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
AN-X-Request-Uuid: 2c8e37a1-0822-41fd-9908-28d5182f2894
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CF6B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NTQzNTIyMDk5MjU2MTgwNw%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NTQzNTIyMDk5MjU2MTgwNw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
AN-X-Request-Uuid: 9babd94a-107f-45ba-8451-e1501ab266bf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NTQzNTIyMDk5MjU2MTgwNw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

43 B
766 B

78ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNXistUBMAE&v=APEucNVLBSArRNewNW_5wjpWVeEwWsUNGFVlkuNl73MjlJsdXw2yk1w4u-CB1xVfW92SwyLs8A-pROYK9oP5k8vVpwvt_iYJ3lss_qfrJr2hhjp3c1jfpAaQbw67fvp0cl6aAv1qoCGb7s_444GzA-4EA7hz8Wzk4nYfZt8aPdhXPo-QwVVp8Qc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CCF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNXistUBMAE&v=APEucNVLBSArRNewNW_5wjpWVeEwWsUNGFVlkuNl73MjlJsdXw2yk1w4u-CB1xVfW92SwyLs8A-pROYK9oP5k8vVpwvt_iYJ3lss_qfrJr2hhjp3c1jfpAaQbw67fvp0cl6aAv1qoCGb7s_444GzA-4EA7hz8Wzk4nYfZt8aPdhXPo-QwVVp8Qc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIMyzhYul4wdbRtJb-K0pk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8CCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

43 B
1021 B

42ms
41ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNXistUBMAE&v=APEucNVLBSArRNewNW_5wjpWVeEwWsUNGFVlkuNl73MjlJsdXw2yk1w4u-CB1xVfW92SwyLs8A-pROYK9oP5k8vVpwvt_iYJ3lss_qfrJr2hhjp3c1jfpAaQbw67fvp0cl6aAv1qoCGb7s_444GzA-4EA7hz8Wzk4nYfZt8aPdhXPo-QwVVp8Qc

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
AN-X-Request-Uuid: 7f5aae5d-cc11-4f7b-a8da-fc203ee8ff98
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA6qeIod3ESdEOXZjFJAZ5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CCF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzNTk1NDUxNDEyNzc5MjkxNA%3D%3D

170 B
232 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzNTk1NDUxNDEyNzc5MjkxNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:25 GMT
AN-X-Request-Uuid: 4e501a0c-d803-4354-89bd-ee3f027b9223
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzNTk1NDUxNDEyNzc5MjkxNA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DE49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE-E4kTTfFd0u_MmxLxoVs&google_cver=1

43 B
61 B

62ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE-E4kTTfFd0u_MmxLxoVs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE-E4kTTfFd0u_MmxLxoVs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DE49 43 B
304 B 116ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DE49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ4jvGqgsVCKOQcsPm9AzkM&google_cver=1

23 B
172 B

66ms
65ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ4jvGqgsVCKOQcsPm9AzkM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 05 Nov 2022 01:05:25 GMT
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ4jvGqgsVCKOQcsPm9AzkM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DE49 23 B
172 B 202ms
67ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCELjh2rkCGPLpwqABMAE&v=APEucNVHvrzvISL8BMEbj5oPhUi1rWLL01PIJON7BetgfCHQ6e4l6jhrc_N13_iS5IQTUHfOkY7TcHOiSaUXy3nyAuQQ0G5NUhNLw672IUTYBEy4LEWds6bvX_YCUH95YrYgeXSE-cbUqPIg2bIxhSnjHT74g5Q-tDWsa7FDhakZSDqCyyrELBA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 05 Nov 2022 01:05:25 GMT
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 7985 30 KB
11 KB 141ms
59ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWBJibcQ_2or1JjcabGiR8iF7oVqE5Dy8J3OZMCvdkM_R-EO2uEZ4tfxq-TKGXegxrFfr7HijLcD3xrmKljX8XttewqtC1hHRSJvOd172ub8lu1fHWM72phjyqWbyhr3YGoehJRK0xIlg8k9Kw82C8IxqJaXgOMANxxewa-HVkpoTQqsY&cry=1&dbm_d=AKAmf-Bx6L6Qsk2UbEOb4Azw6CPR1oevsfcS7JfopdAmVHyBJzJWtzGRVRzYGocFairSBIUWXTzzKFG4og1mS-Bqnre7J2PDxr5mvRTPejzLLYCR1Fj4MyJmp6Dy8Vs1z_WhsXbjkfTASXf4FURY_kHh6Lf5vErZcaoLQNsvKJwJYP5IVD3mTlYNncbd4eEmZC3iQUlLj7q6mN1noZ6_Xkb4ZybawKGbLBPfXlDcb2SW4BxA5JNZw8HSOed48dI0Vw3AFrvu1e70pkvIEHbslpq6En918ktPYX3-Spj7WQyU9wcc-7bWNnuqm22UVQC6RgQjNLODG-LO87_DYkIalb5phlv6O75z0prBy2T-PDKt-HhVzCdpZtEqbVWZaWoul9Hq2JIcSWrShisWIOzPzmeKas1FB6iWq-YJE7H1lXaTWc4AshPiU9z_LcRjHExqfq92xBRjNFd-ifa-E3KIV-YHz0x6eIWdkicNpBDMUIEL5e01aTniwQwGhFZIXrZUoB1WaTJ2TioqO1ZuyHAr1m2ySHDrle92s67OiIg1KhrBlGxFL11vcPLXCLlljsNdPmqB0OCfYvmxrNOId1zCQ4KKrsG7SDaGwT0eQ0GfXuoY2SVqd2R4Ju3Pz1uixr94QSBjkOgmC_sNV5MaMxF0YTZTldpMC7BO46pDTzfHJFLJciHfdAvP0dH0qc9QR40IhI2CGQB9Bkwr4AnFyc_njEEC7WTGK_FoqmZ0akPtqsxl000N0Jwtg7nDtYFfryc387pgGGZf0pxdXmOATi9X3Cg8zh3vbjResVj7GRaWtCJm9H_qWa3uul-fvdTuDNEWbwp_Omuko98yEvgr_jZWzQi1hlQCojeobbUgi3VJToeMG6k3bT7KSpfXgYabVu0KQU19nr5DJ3fJgzFjSLR4QdWiiv0UAYVktMN__BObVM4wdYWUIWVTPmIxg-nF2Zy7Jdz0bnObG7wByxMs6fDRCqF5TA7crtY3v0WgpaNE-tHyG8qkyK0WAJKWkeHJLM3lko_DJfUyQ3K2gIucJKs_bQfFIEHQJd82sZKwmAAQTLKArpa-a921J7U1Wu6GFAJyN4k_AzECRc6M-_yvxgdt2-hdfYpPeA6QNKsxrcwEb_-WbuBzDIds1Jiyt95h2kclNdunowbyQdmxHD0eZnbw9orJWZkwq7UY5Eqnp0yqR9KPs25YcC3YH4dIHrr5psCngylb3CDDrV7nuvlS6yyPubQZbxw2kml313Fv01BQTxYAiCJ4Qae9LaTgtSjE4WeLV-F5q_KT3LKLLnH1j5-9RBi2_wWIalxHLI4c7Hl0B7eT1TV_Ur1_SiRFkLHBCZgwbIgzWn3tPWNj-DLYSw4o00CtUt5dGaVwKFnvGctXqCsNLnYkOfdDENVFy8S8eKaYkI8nOL8iIwGq1Kh0N-j0N0BlOCK3lo5Xn9XCLnXnpYUe-lTfwzTOQxWK8-_W_kkwxsOSbQ1fdZeZG85ItrngKfPAK5pJhfjImPgiFOK2FZ_S-Q_GmSoOnnmjuVf_jjn_O3UqQlWH_w9S2ix2mu2cmU5y0EF6c9AjlgeYwEhqUlASY4dO_UObbuJiHA-Yfuv7DLECLqZNhA2_N8XSFrzoRfOmmKImvMQ4n4WbiMyQgvzecBr-trwmuWZPE-ejR8TXjK-gvHT14qEJdewAGa_aann3Lfqh6-0TYUjhXudOcVMsbNR0xwU01gMlBGuYKk4bDupF4JwxEHjFo_q8uT1sMR8fYG_sxyjZg2PeGr2CE1v6ZaY4yu-A1C9KFD1vzf2g3q4mDW0yol2c2w-df6VG_W-yPBOeFtmjmwgRK_HrqNdPTG1rTTjoGtJqcJKIg8GWXytbcBjNhMhGZOAkxP63JwzeT399TdwLsThwKa0u_v2adHpwQjZqzs-ToNWJXA1Cm-bpti01gov_e4IHjtQypxCfs4EDwUtiMv2cJiJNHzUQjXm6k6-WlGGlG495HNOcxLAyoOR9VEDz8k-iRyxNOORCZzC_-64_X8l8_LxHtyyksN4XCWpsN9cSVmkIgVe89k2Ua81oGTkOqlqZYBetAGN9pcfiSeJ3ATleUMXi2B6Vs8pHaJ0rr4sS1KFrfJmgqWgnv5VEI80ZQI4vMnEhZe21WHbUCxjVEqMRWynUyqZ_TX6jl13QUf_fRkNj7mMz5N2KR9cgjEidAEQYNQL-t0H9h8CFwYhxzYZfM43PG90tD8XxiJglPs8aTQPe8QfcuBx5lx7BEz6Wc1g1DMQfNDLrCY3ltN8KKuovd-fBW8eriTVuQlZSO6cpQI3cAjsrgrllIN7qwVwdQOA_glff7EfayRT_oryUmQa80xp-2lt-Fa8UKSqj_KB1m1XlceqOFr4mTVP1xI4922E6_XsZqhLyojMrdXrgWUg6hUdmiaLN5eYjQF0b3A1QRtDU__FpjVlqAzHifkvqfGELcPTm6vpEQRRMPRZyP29RiOQAhIPbp2mtA0b-bvGT9Z3eOWMZL0fsJV728Ygc8tPIsePOFVjkhFdcYty9SWoS94BTY9Dz2PLjnDn8yYF9Bk1MbpAfY1v1cq34oQomknThh_er1P_BLYNO1QbxbjraIOJKzszW2ohlCmPV19qUXGixkPnUhWqQ5SflZntkzJLSayvPMeeP04NTgcfs4gGsNqP9zxjbxI9mjqg7FMYcCCH5MTrI764jVyc1H6ewBUiojECQgoXi_aLvM7Wnapzw3wmDpi5zjffd35mVfiMxoS5yhNlbOPWM6aV93Z1tty8QXPt0ib3L64SaK6PkA-kwuwTO3bVasRRLnFsL-FIlHbY1HVuer267rqdCspetnbWwvFfIFtGzfC0oSdBdVAc4r2u_yyEOKmnFOCgFWY2scFO_EzX9indb-1ZY_iYd3N7zZE2Qk1tTzC44oTizyrhKRfu30CyebMXBh95uwha58Qh_2E5YW7HE6eG5Wv52WrHmwEp0nnfRze1DJ4DRmLBoieWBc9pkk4CwOErq8oDsUGmwzFsGUXK4l9t_JxdHAiT3JStbAIYABNXGNin8FcIM5bRNcZTbpAktuO4MXJ7Ngc56qg80ZoLwtr09VxJaQLNEoqhMtIrbGjdETBthPHS2_PmdnwByECTqLP2-ZHfULnNKdH-shyivYsG3iFCh1X6LKpzxcTkhwBEWgIjtd24gbmYdUYF7GpQB27vzvujJhaXj5H4PQd_EFKspypbK2gWrFrtFejAN44ma3quYOalBKg7C9ANGpckMjJ-UG4ZtvYiluBA3UymYeXKojXsr1vMXqr_y3xHpH62pY5BJf7Gphs1MJ47-Dnu-x8SDklrs0anjVm9_GytUvQLVkFGDezAtBzmW6ba4Y7W7IhdGEEyb5R0xz-SpIBWVctdO1jU9W6VzSoq84hDlU8pYEkEVFWEd_RULuo78_s1b3jntQ0VmbOdmmvc_hj1oFO93tCwDNn41Cdyxj8mGDVqb_FAwYGacgpfWS3UzlR5B-lL_g6_CGITOGb1NwLPTiwi42wd1zkLt_OJGMbh1HCMVwy4qEsr2w4E6tqVgPuJJBDBV0StM98jG2orLrlun2cfbsHpZavnBOMXX9KOdXqrypWKKDJTw1zFvzfbpkTd_F4paYvc0J6yHlz2rbRbN0Xf2lcS7x8hpnu2T7wRH4sY4ya60CmCXO3xFQvAQd8SiTTYDrigUAdDUxGn9uIazAv7EXSzTVsqMPcMpRrEUCQ4gmqQ5sqnvSIl0l1wnPie8YJ1OSXkB68w_ptHPrqT9Dr2Ja-XUPu8ZA_9aWAFPXDit3RD-B27GcrqLi1S_yRKVgVUXkZQ2Pg-LujNcouzLG_YADhxMcT3wRLBBVjWAJDOYx3Zc6p81NkHtnC7_NBzr-XGEhM98tlQgekssEdJ3qo7xJBipuiusjxtUSItdvXTiipFS&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:52:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7985 41 KB
15 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 0AF6 30 KB
11 KB 126ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar6MWhlnXMe7XZhxTAzf42wOs1h84zUx_hWrJubge_82X-dzlw9l4eguB0_Ezkf_4BbmJdTxuqwHQikxQAVc6yqRWYsg&cry=1&dbm_d=AKAmf-BNenU-kfa1aWIAWE2K83DTuw92z0W-4l7UGkwm5bNunzT4pYptR9AgHJMKrFsTzWfni6rFoHye5tgt97uYQZH9NGmGdhaTM6kXGlZapbvUKmvd3qPISml_gicQsxmPgiV59MQIKca4CSXT-f_eVNC7Atrt1ucxEpOwKFIMUBrhCtykWoQ9VF7YrhLVG57WnYKGTvSjjXfGINVW2SxNgdkXS7GYzNudqMrFOa3iu6ljT9g6Ld0KUguYW3nZ8lR2MLCXMSqE68BqfX0BvNkSMEIL2ncYxurGPpREm9YWyJ8-_GZ-fS331SIwerL7TWcw0QDgKxNqd7mRxIqxAz_xxPz8k7mf6q-09sqmbwq_5b_B9uI2onHtQKyJ15djlQWC2d6JUEQtytCIZwIOFR30UHdP6HuvD6kvxL9TWTPAOKpM7IrHVFQU54lk1w-YIwSSvPQS_I2Y_gl-wkVtrRsaOVU6ToL0-VauX4sbhDsMRYYIXOKM83rYpe4l8wQIXhUl6eQvg3OUKrtTDxdNRqjXPTJ6g_B9v8RHfEDVbeInb6VSFmmvgC75uLlkOIfhiKDWhaGN_Q_8WLs2vw4LolBGMpJidh8auMPBgxj5dgAwFJIFEE9zMjsf7CpjRlDVMmQWUiwvS5xMTl6QfBLZblrb7M9SyvriQ0Kd09WsjXbXAm6skPFM8HyeF7qXyc3fBboX2D6wnH4WphhZVtIHC7zamxCsJVMXIogpR6Ha5C1t3IbFNN8gNNJXCDnC2_Celay_7IYUPJvyBuGV6kiVNsX-9MRHuMh6SQsd4NOqphSxvslmqO_tBRTAw5aCrz3UKrbOGi8uztmYeKIc-52VNNMj-YelJiNR0kQ-YjR6bXAIjdzUomhYUOMYE7-8H0Wv6zix6Kgb96SgUZyrbPklkPBMBbfAz7xJ9L5insxA23MOHFsCwmDBaxLh7SzC0aYcKTT0F_0ETcE-DifVuXbMOkJPie8Jh7mFZaEhot5FshYn5ARN1fN58EQfMcyzptaCf6reFJ4fsKTOLu2pUmg9A12WCK1d8t3NdHzmmViJsyvb3QkJNrj2u8oEqMXDR7njXYpj56Z-h_r17UW7Vq3Gg3L6okEF7ckrLUTC6KPhjyINHc1EZf5_SDyrJ1FoKAZuteTNj0SEpMV7hZkCMz8_Xuf3rme6hFWCU8sWASfPExNuyhFlNCwt2m53HUav9IFVW42Y4MlEIYCH9_MSqkxi710I34MfEN9jh08yslXry9VoOWvmSeeHhsj_swEJcBbHPS5ItAEEj0n89cBQ3P0JWVUEwXQw6KD34NyWIAHxytfWobx9wgDED1DEINpIFdbg1wGGDa3ijSkwiOhxVT5grMGtP2bw6PkAiE4AaE-xlBWc8--KCONgg7XGFSRQ7T6NpeTM8XxAi_2EXUc45BEUkGT4tyUkWYR5GP_Hu8rd8u9t1svyA32LZ1mEKCB4uDybz7iMlCtZzI5P6cSgYP_h4tZo4xDhlp3S8FJY3uHgq_mmCxzYE6GAxMbKzBesxvx5l39wedQeoVgOYZZjEhulktZF2yaCbdcV8P1Rw5UzeYsXzPY5YI3l7Ate99HFTiCms4p51TEC3opnyxH22RjGKdgyXryYTEUmMG2qYSjQj5dDuhB8BasSVUUWe9U0SNAMTN8_sInOQXTpVrEnMmz6NTPI977Y3jY-iIpwAMm_k02FUkA5S3C1B8IvcSuC9PxX_9R3-FCz07aIw2Kkaf9_nCIO6ouqjwnFC7kL-A-GkcVhARY5dS_2ZIYNl5ydFmoDlPBONPgEPneq7LzGF0yrLjuZC9uONrFoHthdpforalowdT6KwyChSQRDZhPeQdOZ6U7JRD_hCPXeik271m4oiE5coGelPSCoWfiNrRoQyS_WKEmQ_ltcQ3jydkw9kJVTJa5GJRnqOXRwk0y65jfkFWlduCheMh9VoWDkHzRtxagXL8wHE4NLmYJQTJloLFZtCwUad8N0sd3rfaITZBnCuN3Ae5jsI1O5ZdzWQfvylGvJwkfOzDCQeOjKAhCB1r9D4wouyujUu8n9ImIz7FdgVBuFwyH4-IkWHnsm1PQ4JOIEp44Q0Bsq7WC1vCY_bVKIKmEKTB5EbcoKS_fRxReQwswzpvfzmXL7BdHAnLUjl94LvBDhO0Hn8QrfDDUUgWAv-Z0Bs3n2F25MQLqeNDCDnACe7G08U0El5dvuapXIspgiBQNxQ90RzxVd_QtJJ1SVxX0JFLJMSWGgH_Rs1ypgkBvDJrK6ABJ5h0w1mGXrc34Et4109xAsre78LoXCmY7ybT_fUf_cTJGidP1fVUDk92evspj2_GoUIscrRyBzmXxsT8CDjCGkN8obVzYgOIdtN7rUYGk5Mkw4cahp_yYxNAWtkEHu5NmgJ8AdVkSthsZwfiXpmwFjj6xURW2CXfca-B1hp4__mQqLjIYVEGuaJ1tftMVEX8z7c7ft1JrUz-kCFW66MNZa3MZ69bm4CeW3SZs_A_2ZI-Ye_LcdmwSC9KVEN9XnZFmZRGTeBv6ppH0Iq8U9T0sHf3qx09ywRvX-Zg5_5GB_OKEOXwJqPWq6ju-fAtl_zYGa2FJ375W4pq1V77sUmtYgrXWvkJgjHAjfU-oGE4mqD0weOG9nsSwkhsMKN5c0UhoIz0jdHToQbde3dmC05ThJYANcvjMtT8y5nFQqWeGzYBi6EN0UrbLhJAu8Uj2ylAjVNtYAOgDLzbb91vIObxIQONhyO-JbV6IZa0ogcbcHT-ycnG0R8JwkhUOvcY0_l5bsf90rg7jRmNHJi0NEzcDzQUz-YL4SuAJUikqxNEDeO6tV6EO1jLTrd9vQhOO_Zc-0S_pHcQq19SogVtNUGgxx3oj2aCkTeyWt82db0dlwCMiQKmogD9qlG-hRCrmcYQ6XwlPj6HK3miKouKHHLnGnlEt0mbAE7sXuKPw-VMhO39yHxwbP-Sa8n0HW3OCM24DiMeo6cyzeLQC8F1Itvfd24h2kMNq0yfF6puNsp0ahOlQDEoO1EM94adb8BA8nzEpjlXmcRxafjXoPTZOuRrJmLFx4ClY7Mox-soNjacxcG-eZJv6TIh52fCcXfGwGi-0JJQhR6pOeP3GKvHzED-VvSOPsiXYiJMtrVGVSXVGIQBJhkvZon0zMOd6rOu7JX9r4GEyClbKTN3Iz8D3Jtmy3hz-ej6up-jY9Uks_DFFLSkarqn90IEg2_5VQOqRRUVnDHEuUKNkOQ90VGZx594RcuTbeepaUMTpmO-gFRnz3MyEVRCn4goEQr0V62u6MkBly7cpqFS-_EmoFLYs7RSCGycp-LeykbF_EIUpvkeZjo2Eey6KdoYLgEvIK35GtMzJqaatNr6yS9RLNZORbsaRP3gx19chPhl7h7HIN_UNZNA9KE2mPfJuMfCylOq9AN8jx5qDgkWkI6yN4Jx_zI0eAY-5dAy6FpIMH68MkVg0FTXogQVl59vv4XkDgoqloahIBIYkYXP82jgNVQeiJE8amBFwzCNF9uEA-0EWtgk_SD6cr73WHbZJheD2Kn_LUDyMRg1PPd04atT_OlWH85HeGsjTElFxDKolo8N47J6QHYwLnJyrCUkeHRxFK5ZaFt0XihBAgxf5OiUr82WKufMPSuYtmmPmi-o2L9hPpiSvKD4u0COwdXauY6tEHs_DKE7vMXJfgjd9-I4YeLy2hCuJ_mj_aJppyXHZ9ibis3CwVkePiNNed-EbzOz0fIBbmKD6ZNmV2S9m9pg4RqduwB3oYzbTBXW56Wj35fO2izMFTDWv-Ghea8d7HyrnDb-3179UN8A&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:52:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 0AF6 8 KB
3 KB 146ms
70ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:50:36 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AF6 0
0 196ms
92ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGaKtkm23sa6ZlVt1TruImK-Bgks34zvAEDrnsDMP0IQ2jKlUCGSnXi3YMlNyf0xVQZKhcWBzKHy8oCtmAtfua8ZpUiHPcsyAV6vgiwyUu-UD_lNrZWBPikE5BxkoOmwUF0jaogMiS8yRZjK87axWWyIjoQVo92zazLU4IOz1Frbr3XU66OMLzdw4HNN0v-BhhcQNDfraVum8hxbXlRu98i0GzID0xJCkRGQGIBpl550tLx3Fc7qheAHFCdg8M5uBnmda2AoNZcAJdNYlRS6pVyIhijaK5uzG7t52g4zHBSqnQrnLhJE2KlUjFtrRZooNeMkZTX2lDc6j6-__JIvnXqVXg1QYPvXUgkbaQ3wU6LDG-Ko1UdbnXFjXe_Ie2P7126rMVL3uVg3dKSzX_3AH8VFKQAjPKKI9vZYJ8st0NG-1RBKbuCs0Uv_d_HwlJItOTkzIiLF7rjm9RDesP4OjgRMyqrF1_9zCE7gvJbkcwqnsdk6O543ywOBQLvWGLI7fAzrQk3rWsbrkDZCXchzjwkW11yLiUE6-paCIQdvhtMZqq3u5gsSEqNkB-sVhUDpEr6TYaib4Pqg4j4DMIrOoXsvIoquPTx4AH1GTwucC77eCHZjQvg_uupiNBzuds-8Vag3TRvrFy0uju-vOqZE-3NqHXBtS-rRWl5Epg1Loc806VadN7peyWOE6HkZaTWnGZr-32xnnDD6GcyM_oz2KjGdSLe8wiIk-JdV3jf8Aq8mkgmpDdyqrW0qQia88Rx03f107A_NHpuHkbvqiUXrJ0tXaWIzPT5PiFwg9FNzL-5uFpiEt24S_WeYKU7oIm7Af6xArLEhH7VreE-v5Cd17R0Pu8bfX1V5G9ZlvM4olIExUn6UK7aEQGPma6RyKiCSVqljKhNYU2or1SwMsOYFgJOF1kdZngvoEwrOJep4NMdge6hrv4ROW7O7dt4dPmAPq9D6yiwBseyGB9SMLm04sfGktC-Qtv9Pue4Fsrx_oTG69IWNtl7JXel-ZXojIBK6DBTUohs7NLucolcma5dW8KttTuFoqylv9G5S88jWGQDvxsSUJr-D9ena1HjplxyeGTb5rwBl0N8ObZ0PFfBhPSBbhXlcMNXSt3AF-inxq-BuNbXOdOa3m7h05HB00Wik8Vh4D5P1CWH23eO8pHnDz51mUZK6kn4QDqih_tQGFe8Br4TfANh8VkoxF6PxVS4RKU9eXE1vmopJ1IjHVRCtr8ujKsITIkbQnpyOMVBjqke4hpD9FltehHuxeXnMWRxGY2JQNqq3tAm6GqwD6tU8hd1sTmVW3kKYQVy1ZKqb70R4IDKfwCiD51zVo6h2qBZReYCA&sai=AMfl-YR9_hAviMrflAEQpMS1uXFQrMw3HdaHViCRtZd0_J39RyrLoYwt7lRMMn6YDPEuRzwLocuA-JDDWQpK2RNZkyZiU3aA4SiChd_NzAvqRbVJ1XHzX-Ccq4AIFXwJfWMONNyCMunGmMNYJDLnFzNL0ApR5Rrh1Xe6W16vrNgHii6zRiP70hDrPKXQHkkwmHI36pmYy7LpRuK1ntv_7uENvaKN-JNxiD48urkI6CT_hLvzxyYF0kKIoF-vrJ9FqLNjJTcAj7mPZ6dXSQ&sig=Cg0ArKJSzEmYUQDlMJTcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221027.31505&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AF6 41 KB
15 KB 115ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H2 200 17833668557370009334
s0.2mdn.net/simgad/ Frame 0AF6 85 KB
86 KB 190ms
91ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17833668557370009334

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa2dc82324a628f7b1f6e555fc90d3cdc3f8a0cf20e727bfeb967d302b58cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87054
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 14:49:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 01:05:26 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E53D 170 KB
59 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Origin: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame E53D 8 KB
3 KB 101ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAzA2BAw8EQaf9K_WGaFvP_BaF7WwLHu8ssUq2XzboPkALpVxEOuyxdEcoYkyX3xxs0sAOkaIw5tiSDnCAPtHQQyaC9efHHn7N3uVCTuIh1BGPgmZAksMHtoDEp7dslwjHZSr-RXv2ipJp1hdzZmyHjRoy0fGeR9jpe8wiJhIr42g02xw&dbm_d=AKAmf-Cp3Apy_ROb75v5bmy6mvJGMEUFbzvKXPAZHf88UpKxtO6L6WD1HH9RI0YPQgskxFT_nZ24iy2EbSfUKowyefk_m3beVFB8P9GxyrNezyJi_5RVfLyTRJ6_uZpL_ncaMd1twfFINDi2l2-wrVo8q1uzxbeZUQzUk5mKI6X8trGb2hZJU5Itskkiav9o08TTC3fiMl6O7O4D7NcmK6bFydnsEp8-XzJN6mHl0S_2APJ6bggeLfUgQlOyCC6JipwLkc8HzaqjF_zQsp_CSWTpURTgLaYgeAhrvywzBEKe_V8NfKMfBBMluxre9Xl_WhHML8rNSlcR6W9hxp8ldi6-SGbIvtcV2XgUvqESI_5SoiDwjQT9p__M7VNS7B9yQwuEQRME1AoIigqHAwjwqE9DslMmSTYPyTftAjAEDElgZDrzLUY5yCp4-x69ywy1OKUjC_u_IBi3Pgeyhe6k8lrVC_c39HNTIQAziG9dX3JRbPO-URqnm60-UO6GTrYv6Grg47DmEYvRgJDa76vMnjUS_zzkInWuqxdyzlQbOiLG6GhLh25mVm20BEHw7dxFkOQxRXFfkEK3Ss9AsaPKJp4JMyWAklOdNrLNB4IFa5nURFa3a-vatOF2woaLTfNg-9N-V195cIIOxotuiuFDUltvwNKgJXRDjFYBCtDIEBZEYVh6ZdnnCrB51iy22SrH7M7eL8XHEwhu4wM8edq0iP92IkZ2sy8PlRqT6xNBs44PZyHHQ5t8Iehfl4ZVWPlEYjzA-ScWexWNnjD3RfJHKVeO20dl3yTOb6r3nm-21lKDhYlgxop9TJLN_anWE3Q8jdXueyvgwRuwNMDkfjCAGbpc8y1cf47EnC6YiearSrHGuGy6vF-Z4AYWpLTcnaIBqeWQ0P1AdtFjJqjykbLK1Ik8LtXWP3NChGutO8Wz0ctzys1Zjqxd05bPIT4T1bnzws22WQdCIVSwVXoLoeEC2nTWv3aBxO2cA3Wo_L5kuHukoP9yh20GTpBlZi5niYa5pkJHdk7HZefSr6ZhVbW7PZy8r-4Ss724W8ZteH1zpgkDwgYymb6bZkwGtzQGdrag2I0K7sdFTavwFeFcHY9EoB2r2GM3aaHXrS_x59oUjPMtwAmgsFqUNndKeEdfdExSnV8hEBXl-dFM7uhep1ZCKzkk29ZNpHmVSiiMmZgA8yZq6Br0SHBOs5C1-QBaW7NyQFm1M20KycbKRanvEQxElXFWFfrEHhpGSAxIDk0xkGLO7GHEN6T8bGjtCzi7aoib5coc5_DXiNjcuCoR0KQqNcgg9PAV78Sz6YXkQDYNw0P-A138aW8q6BdGhzqNXaELedS8Uf6qwXelaH898RtupFLQQCvuIzkadRhfZqxHsvqTpcsvRVrBOqrUXdSCJAUtZdaH0XD6TSeygZAuJRokg9msQ73FMxHlhGxjfaFAJIFObANMNbPxdfmqHt-7p7oyUZZzkdi-f_HvJSJ-HOP7MIDEQjvTzv11NKqjq_2Hu01fsbRCi0gPfmkYIZE8VYi91ro4xqzd_Qfs1OJVgDZbtP_fZbuzWoxF3gGzgtnrbmr8F-8gtqibtJjGwaEv8pg8ttxIAwRV93nlTxnhwIOHPKQuFepE2A9Q1P5LUkYfXL8NvjuR8jr7Kdw1CslwsgVjtZim1Dz3-p9lp6nY83f0TXPHVFJhUaTSyx6SNvQQTd9qh9i681ixdAZHLFh0JpvuiMT-adFrdCQqubTJQyTj1J3KlEE1cllr5EoDkvu6Nc839Onc9aQZMKgD8ZUvpDL9O-SDUqQxkUDEjoH_u_evZamOyMeF4ydUhZGNLErq50Ph6yfiNFyp3jXUWIlxgkYe458x1TpJcUzl-pzi2YEDdUGwkcL21K6DSBE9hD8MfVtHyqCUDnL8v3VSEq90fjKrtKU7s95QslDHTCL4plHabBWlvk76XtMoVLI1Pe-hRWyeqbbZN_zEZO4WCcOpuyiYuqz3eqjU0CRVxhT5Jr9WDxS64gz_etZYVS9CjsVxisjrEz9N87F9IdDMlVhjbrItkAYTjHnmjpHBn9uNxGNbvSPM64hgb9rCqH2-bJaQhlmbg3VNq2j0uESdgLuhi8lqGGQDD4ftyaBTT4EKSecYU7nV5uU8WJ_byoZZzrEfzeV14x_y9qm1Tj-O8GYjDhj0ZuZEFRPtPfFfBFaiwE6g1VGlYS8fKnGfppmgJz0u_1i4GC1lIJdcKClJjer-Xikitixvv_v1HjdVllESIC7SGKSxZl55RKNe1vyZAN9abqg0OZReRi7Eu5f7_b3SmlJSwKapuyaC25BTcbd2eac5ad4yTnkh2jTZgpaDJcAi80pcRbf30wCf6iIzio1L7jEGCdI1aRPK4a85bjyTi2rqDOVHa1oG9BZyE5xd3ySLZD0jOSEC1PEXSuTiKkrar17kN7buWbx0I6cycTdhU78cQM9jVz12P76AvVdM5OR-G_0YHErcVX6u3SUW0TYnsjTBpKT77UIGzwMyRifxCLtM3D_tk1z0yUeadrIIl_PLZLS3HLw_yeazBARUIF1j-N2m9V5Db9OWa3BQiYM1sxKXsdnEIcz5y2Ar17nWeQSt9sJLYgdv2Br5CKqLESq3ZSprCBObM9Z6h4WqanONie0ay10LODGd44OAFNMODdS4kyvNh3Fjjp_G6kTBqj8teP5Gc6MY4IHcb6j0qsJG452OUVYmNYtXxL5zmsKHxqRRo1iIJ5u4l2Xm0QDigqxNb1qRRbwPSSP98t7B3O0LNIFVcFj4Mpm705gAW_HuCtB9Sa5NoHGymI_JPJkvTChp6DPmwfcO9FMdoGC3DzJXgxXJEpUXo3POCDdw_vz34ofCfFwPV8AKOmGNoS5UUNobJnU8HDRSuURCaUmm1nF48n9pekoZ74HWylmH2DvbCO4R-XTBwoifQiwkuknBRi0OZCpTN7d4JHZ31Xni_CxTrsMFTLJYfNEJMl6eiMNlEMoY9yDRZ-iq0ErmJWXNghr-1XB0Ycm3cIa-Ego4gTS83yi1gxRu39STqTQZEm_KOlXbft0So9bpHw6IA3hialbo44wUvRyh_DIA5NqnpE1dkenDaMkpxSpkeNZPZiSMELstsZpq7nWBuvoEoeBQ_gA2voe9kfckzLk2F5rPR9pgnqtqwoTNMX9P3vXtjqk-Em3pClPTRH7mIQUfOLgmbXGRLkZT818BDqiF0XtWMPn7HhkexbY17bD23m0jk9HHpUo_tVhHPz2e_HHtNm6zxVnNFgshebBdPtQVbgEbZa3fyi3Zg0VcmBHjgCGn0H1oKrKnaNt7PggfkuL2YYe4DRMBTdpVMQYmq8T5u3F0p9-E-qOsk0SAiMWkwgt362ryBuYUZ6EBRvet1H11-9UdCQh4zvF8G-rKn58R9VACGxyHK8GbuG7CmbcHTKhyGqzwXR_WSooDTc6WR7MmxeFx6a4bi53lvND9Dt7_muvIW6B5nOAIjNbR21pecj8L8A&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:50:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame E53D 30 KB
11 KB 98ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:52:09 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
227 B 58ms
58ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Sat, 05 Nov 2022 01:05:25 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E53D 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 29B0 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 55414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 09:41:52 GMT
etag: 48472445140208031
expires: Sat, 05 Nov 2022 09:41:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E53D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 924339eded485f251c61823b9a3a3785a2ee6655fc8f6d8cb14bb5636ca076b8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AC5E 22 KB
8 KB 43ms
43ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 49283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A05F 22 KB
8 KB 43ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 49283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CF89 1 KB
643 B 43ms
42ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 55414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 09:41:52 GMT
etag: 48472445140208031
expires: Sat, 05 Nov 2022 09:41:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AF6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a94513c00f154dcc1d95e5a7147e961e0e57d5553e30f95dfdc62bc912b90cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ebStdBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ Frame 7985 222 KB
64 KB 199ms
43ms Script
application/javascript 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCNpq11LZlY4_GO5Xmx_AP7PGTkAOZp8nzbOzmkPvEEJnojpaXMRABIIzloB9gu4aAgNAKyAEJqAMBqgScAk_Qeqdq291XfCyeCPvssjYG5kxvkxm8Y1mNDUKS2B9VHA83xd-m2-YM4SxgE8D857XniPbpIU_lcBkRlOLOXN4-2pTJ0o6SWhGxSIj4nBygK-6LwOMVjxLqyoeEgIdYtDldT-xB0EXSka952ZznL-JBMqFbtL6lHY-SJNaSF9s6jOWvPRGK56U3bzspGjGIy7xZc0veZbu56kvZZOXRYYAQ5eEYzcbhNtzNHeTQirYevvOyduD6YCUzGmO9v0tZmSJtrbFMISu9p2Ul3THdR6WwV5F5VReE_yaNb__-6Bue5STaVv0vQw7nqFICPmGm8_9PyW3S6geqNvcQJuPgrcOn9s597fyofamO8G6Uqm9B1NA5yQ9uwG5VzSYLwASKpqKYjATgBAOQBgGgBk2AB7zu-toCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoBmAsByAsBgAwBsBOe3voQ2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4%26sig%3DAOD64_1ofbQ3-xk07seAXE7oU-Kbd_2d3Q%26client%3Dca-pub-8618771545316321%26dbm_c%3DAKAmf-CYzyDTILuZjRqJydbneAvTrm2Yrd28-JFc8DaPGiebgUAL0TCwMwViITuosuRUq-Rdk-thHwqfa2vocsXEMppel9gcKyy2LODiQkuJjezNbyYmYIvc_zRN4sB0i0SyRZDGWgOwndIVPwfSWZvAe69ThKo0whfd4zhbLW6GHZqF6_sgMtA%26cry%3D1%26dbm_d%3DAKAmf-AL_5dyT6X76GWFTWAdIfd7YC_Lj_tOpI5RHhV9hjbdqw8xNLUTcyBKCExvmiREn-BHrIaTqp-gvNrxv8v0OATvn5vMo2leTmrZTwT_t88rb0mTkQMSIesYz9OV2oyG5GkpIssNg7BJCm0bI1f-fVrgVyOd9KugX6_oM_OAKuls0dZDqkrosFrgu9bvYSjYaSd7d_sbbKIaPO8h5j-9HebDyqREBZg1kKgprSGCsW5hcsoel7wrzrdONCrghAqphKPcfK_luJVCgC4Z76au6bda1uOCw1jBdK-PquB46JiM4BJUlx_Baj0I3cQscsxMBtqdfvmOGtDx4OPl2MsmbbrNXweag4eeo--ye2ISK8uwKPwymHOIKsVKcgncXOEv5pbO4kIW5Y-EFRYHoEQWbJqRM3pWrYLnAHTLNvhxllEr8GSjOP3CKWhAJJexL5eaoo-P1nj90F7atRc6Mq8Av66rHs4OGKWKkvQDQ22UUk_jl61ziyscaHvSnRgjxKFsKFFy_muRO0CwImCG1RRsYjyWAXe92iT1tJRsMXBDABwJPqByzpYtsgMLKKKoxyGAKmSWqPv6%26adurl%3D$$&c=28&cn=display&pli=1078476873&gdpr=&gdpr_consent=&w=728&h=90&ord=[timestamp]&pcp=$$ABAjH0iOVpjtZlp8NswF0bSo0g4A$$&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ec5bd4e68091bb43fe87be05228cbc56e134f25555c71914b9bca20dd83fb94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"a2b1e8cb4e5cadc1e33fd7ff33b4c24f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1689557
accept-ranges: bytes
x-amz-cf-id: 9mQuoddpTyY1EOSFzRrNFHLWf0tSHz-ItkYmCd8XuyOknhP1HBy0yQ==
content-length: 65289

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5407 1 KB
643 B 43ms
42ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 55414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 09:41:52 GMT
etag: 48472445140208031
expires: Sat, 05 Nov 2022 09:41:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7985 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3e6a01be2cdcfdad712654ba549b3b69fd95bab59b04dfb9161cae975a58cc4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D204 22 KB
8 KB 43ms
43ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 49283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 29B0 35 B
462 B 140ms
43ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKBvg4iPWLQ4PIjLoS9eUDI&google_cver=1&google_push=AZmPxg9JR2YK6NbvSAaKrkVUe_7LK-LPhh0IdsMhxtY5pZOoR-DpuaqKvIdxXxHBbnzJ3RToy1rY0A6c2pkTFS-zD9BFgSBe8Ps

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B0
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_SjZFi3T6ZcTgk9zybcK493QqXUzld0gqW6nXxAJjgiQ0p8ePBfeKRJtpJO7Xwvz09Dys6rMPthKm5yb-xZeQAyMUurtw&google_gid=CAESEHeWpWzBbA9qZz0jPnD6pjM&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNbtlpsGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGdfU2paRmkzVDZaY1Rnazl6eWJjSzQ5M1FxWFV6bGQwZ3FXNm5YeEFKamdpUTBwOGVQQmZlS1JKdHBKTzdYd3Z6MDlEeXM2ck1QdGhLbTV5Yi...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXdYdGo3OFBiNkZpQjF4a0Z1V2VGQkp3OVg3OE9zemlHelM0V1psYThBWQ==&google_push

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXdYdGo3OFBiNkZpQjF4a0Z1V2VGQkp3OVg3OE9zemlHelM0V1psYThBWQ==&google_push

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Nov 2022 01:05:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaXdYdGo3OFBiNkZpQjF4a0Z1V2VGQkp3OVg3OE9zemlHelM0V1psYThBWQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 29B0 43 B
356 B 123ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECnnXxrYmHD5mc6UoEJJ1W4&google_push=AZmPxg8pN5X8wLGDSrH0-xIOvmRJIwiO6xuZCM12wjk-kU0heCRlL7cq3FAZIdb9N4cygq6obkWKb3VtBdW1BeCP42VpKuYVfyU&google_cver=1
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 29B0 43 B
351 B 114ms
30ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGrCKwhHoT2FrEvA-guyhI0&google_cver=1&google_push=AZmPxg9IBaEtqBhRfrjG-pNI5IgSqEsarUmmmb-iR8AvuJOZqGtuxrUD9ffMHT8AuxQDMeT4JQFtQoMQBz7WWFmFx8GiWpbi6A
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sqe5uljthn9rl9mv45f30t2vpa41a3ql

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg97F5aLaKqqDUpqXd3OyPFLhWaD-BJcWCMs0wFXyBIcOQBtp6Qi0-vJJufJc6jQovgFjtzbXEP-EwNQ5KlL0rWTYI7Grk4

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg97F5aLaKqqDUpqXd3OyPFLhWaD-BJcWCMs0wFXyBIcOQBtp6Qi0-vJJufJc6jQovgFjtzbXEP-EwNQ5KlL0rWTYI7Grk4
date: Sat, 05 Nov 2022 01:05:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaq...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaqbbOmYMPPjYh_Vg1t-YluVbeQ

170 B
188 B

55ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaqbbOmYMPPjYh_Vg1t-YluVbeQ

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg_bet8NEcWW6q1cWKDUFZRL_oZqln_Ys_B78q5vwiCaLMLfqhXmxjUPNVWwmyNt-yeqgaqbbOmYMPPjYh_Vg1t-YluVbeQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29B0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg9dIBeZRchAZtFx4d8gcSsJGTYXc9FVO...

170 B
188 B

56ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg9dIBeZRchAZtFx4d8gcSsJGTYXc9FVOMsC6E3H3zySg_FJCSa4ExpkGKYZxt2S_JTAsU3XsL4SPHU-IPu3LBfPOeCqsaQ

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrG4ZchAcR8H5r2O8ataFxTishu11dTLMYIeihvljnCcswt%2FrY35h9bAZpxZfvWoeJ0LNcNajcXQRl2swCr18ur46QtDTncoyccuAkJuWZ2bdtOKTwLf3NF7jTcF233%2BLBIov1N3KN7fYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg9dIBeZRchAZtFx4d8gcSsJGTYXc9FVOMsC6E3H3zySg_FJCSa4ExpkGKYZxt2S_JTAsU3XsL4SPHU-IPu3LBfPOeCqsaQ
cache-control: no-cache
cf-ray: 7651ae5b183cdc9b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 29B0 0
12 B 51ms
50ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYcsupPz5s0d8E-DDURerW9iEpeECxbLRZgva4BToE5CCN5Va3FPxbRVXcob4UZcD02kwr

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 24 KB
5 KB 131ms
48ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb33eb1b288153ae6f7e4ae1c0138f8bd39401789dce83bd7dab34986bf8d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:26 GMT
expires: Sun, 05 Nov 2023 01:05:26 GMT
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E53D 0
0 177ms
91ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3ex7LBJHj8UXZqaLAFoQUW3bj4lo7hEp9i2IG_eCxYJZPc-y7lDzhrqXLLWUPKOe4Jhyypqts3riEwTkV5pnKQP62YstN5XHh20TPdrBK-jcFAumopFWOMM4ZU6k_Kj6fUajn5__sukphe81TDBPgBSeML2lam4Emaxvg6bvuLwZHNFV4q1rRJCpr-VAqZRg8j8fKVYEg3_rOGheG8hSbqVFio6dzcudaYxY8OlhdfQeURL2l0RqXiNRZE6NxUSlmOxmh9Od4MXlK83XNXuPz-qmSN_Sf8HaAVZ_4edN1b-aoWVhlgKnUQXp02xKPx1pj5GSptfs91RnDZACllzJGZH0Eg_uFAh9E7GwKP0snD9UC9Q4SbwMUnQPCDgjQfSCwbxW7WDXPzzIvwFIHnr5djvvxj8y-10MbcmBfPLYUfSN4bcYeO-LLkMsffnoZYLC1SFpAgn6XT1hT9ks0Uw03cio7rsVsg8wdViKMmXtaLc0g_vVrGVf04vyidLspd2acgzOeicEr0WtMwxH6oLgTV5torroVAgfCg_BgRTRbRo5iDv3uq4SYc8L6UEN9Ldn5emgE1mzo3Me2zigJOj-lRGk_HGQQv9PO0jsDL3ARNy41bt-V6IfXRuujwUaZpQhdiHPY5msOO25S4u2EM8V7SjTJsz1HGtp9gtpzTDMO60w6wWC4G3WnVt_DygDWWPIovDzKDSO55aL3owHsL1rJmcWRNvUrRHWg_16-F7EwwwdzQR2NOvx-yhL0C--wZpIY3nlxAf6rh7ZfbgEQoDb8C_AgYXKq2o4Vm2MIva5gwIv2yZV2srgmswoI2oYtoI_KHGxOz6vx8T6tSfKO3UR_HGqjVfREOck6unXsAb4wJURxBT28LxStrkPwR5NPqNlY9nY7YWMJKcWl2MM7FAKr4F-Z28TIy6Fp_hDmzM2j-4PsPAAv8Mf1nqfzn6lF2VTATp_x6c0ff0oujRiqC64xSJsRctGtnYpIpbOFFyEX075FOke2IrMqxAQjYBgQND2QER_8h-Qyrq4tTWnHPCLGs6HC0uywPfs6WyHTp0kUB8PoOp1dp4xsavQY1sx8kzEE2uW3Sf8SUVWE5VUcieuV6kn4BVr9yeP5XukGv25s9KLqgVia5cctLisgL030bnrYM6E29JqaHFu1tO297Bsfd_SXA3srLR87Bv15lYhs6nKHjXaSUL_W5F14u7UIrJRNWkProsfYTi8AHRNdfV_sx6viEgMElAdKo5jDLmjxdJMl7Q-RlQfHs-CITszdtC5c5CMXcQ&sai=AMfl-YS_wajqylkkDn5ZmSlLyjN0d9jDKZBQIAlRcbo0JLOeOm5Xyk7qDuMpolF4IG9m_-AKD8IgcjkBspDzwlBy7MmDx_yUyyZn4_t3n2h1E-IEKMrCiGLShyY9Ryh_n0j45sCJW5vPLVnbXsFq3AImBaP4Mhmam-XkF0eiWWjcvLzk-D52qcud2akPOOZsekgUXhvaw850whDPCWpAVTNuqfx0zU6k3Q1oz2Yc7JxHXlqaHTzbVoMTJa37E8vgjuGu1Xqr1OcBb52Q_g&sig=Cg0ArKJSzDlQ1iRXfrSsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=280&cbvp=1&cstd=273&cisv=r20221027.46592&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AF6 0
0 144ms
81ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGaKtkm23sa6ZlVt1TruImK-Bgks34zvAEDrnsDMP0IQ2jKlUCGSnXi3YMlNyf0xVQZKhcWBzKHy8oCtmAtfua8ZpUiHPcsyAV6vgiwyUu-UD_lNrZWBPikE5BxkoOmwUF0jaogMiS8yRZjK87axWWyIjoQVo92zazLU4IOz1Frbr3XU66OMLzdw4HNN0v-BhhcQNDfraVum8hxbXlRu98i0GzID0xJCkRGQGIBpl550tLx3Fc7qheAHFCdg8M5uBnmda2AoNZcAJdNYlRS6pVyIhijaK5uzG7t52g4zHBSqnQrnLhJE2KlUjFtrRZooNeMkZTX2lDc6j6-__JIvnXqVXg1QYPvXUgkbaQ3wU6LDG-Ko1UdbnXFjXe_Ie2P7126rMVL3uVg3dKSzX_3AH8VFKQAjPKKI9vZYJ8st0NG-1RBKbuCs0Uv_d_HwlJItOTkzIiLF7rjm9RDesP4OjgRMyqrF1_9zCE7gvJbkcwqnsdk6O543ywOBQLvWGLI7fAzrQk3rWsbrkDZCXchzjwkW11yLiUE6-paCIQdvhtMZqq3u5gsSEqNkB-sVhUDpEr6TYaib4Pqg4j4DMIrOoXsvIoquPTx4AH1GTwucC77eCHZjQvg_uupiNBzuds-8Vag3TRvrFy0uju-vOqZE-3NqHXBtS-rRWl5Epg1Loc806VadN7peyWOE6HkZaTWnGZr-32xnnDD6GcyM_oz2KjGdSLe8wiIk-JdV3jf8Aq8mkgmpDdyqrW0qQia88Rx03f107A_NHpuHkbvqiUXrJ0tXaWIzPT5PiFwg9FNzL-5uFpiEt24S_WeYKU7oIm7Af6xArLEhH7VreE-v5Cd17R0Pu8bfX1V5G9ZlvM4olIExUn6UK7aEQGPma6RyKiCSVqljKhNYU2or1SwMsOYFgJOF1kdZngvoEwrOJep4NMdge6hrv4ROW7O7dt4dPmAPq9D6yiwBseyGB9SMLm04sfGktC-Qtv9Pue4Fsrx_oTG69IWNtl7JXel-ZXojIBK6DBTUohs7NLucolcma5dW8KttTuFoqylv9G5S88jWGQDvxsSUJr-D9ena1HjplxyeGTb5rwBl0N8ObZ0PFfBhPSBbhXlcMNXSt3AF-inxq-BuNbXOdOa3m7h05HB00Wik8Vh4D5P1CWH23eO8pHnDz51mUZK6kn4QDqih_tQGFe8Br4TfANh8VkoxF6PxVS4RKU9eXE1vmopJ1IjHVRCtr8ujKsITIkbQnpyOMVBjqke4hpD9FltehHuxeXnMWRxGY2JQNqq3tAm6GqwD6tU8hd1sTmVW3kKYQVy1ZKqb70R4IDKfwCiD51zVo6h2qBZReYCA&sai=AMfl-YR9_hAviMrflAEQpMS1uXFQrMw3HdaHViCRtZd0_J39RyrLoYwt7lRMMn6YDPEuRzwLocuA-JDDWQpK2RNZkyZiU3aA4SiChd_NzAvqRbVJ1XHzX-Ccq4AIFXwJfWMONNyCMunGmMNYJDLnFzNL0ApR5Rrh1Xe6W16vrNgHii6zRiP70hDrPKXQHkkwmHI36pmYy7LpRuK1ntv_7uENvaKN-JNxiD48urkI6CT_hLvzxyYF0kKIoF-vrJ9FqLNjJTcAj7mPZ6dXSQ&sig=Cg0ArKJSzEmYUQDlMJTcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&vt=11&dtpt=318&dett=2&cstd=0&cisv=r20221027.31505&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CF89 35 B
462 B 82ms
42ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKBvg4iPWLQ4PIjLoS9eUDI&google_cver=1&google_push=ASkJ3FYKIC9z7oXK5W6iKNb9SMJwoMafbZAZZhKhYrUHstAEOKQ2DtbyeynOUBCWDG5wtxfSTkrvlbkXUZudZxlk7ZKXN2qpFUw

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF89
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ2-9QU...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ2-9QU...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDUwMTA1MjYwMDAxMDM4NzIwMzcwOQ%3D%3D&google_push=ASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-Nmc...

170 B
188 B

51ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDUwMTA1MjYwMDAxMDM4NzIwMzcwOQ%3D%3D&google_push=ASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-NmctRiX79osNwpO27ekqlewH0foeTkTSP

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDUwMTA1MjYwMDAxMDM4NzIwMzcwOQ%3D%3D&google_push=ASkJ3FZ2-9QUS6PN6Bxt2288QOAXGRe-QYNAoSNZ3CbecJ2hKF5fjTxFm9-UQYig9G-NmctRiX79osNwpO27ekqlewH0foeTkTSP
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame CF89 43 B
134 B 58ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGrCKwhHoT2FrEvA-guyhI0&google_cver=1&google_push=ASkJ3FbEGcG-adDq4dnC-Dq0lk4qG4C1-1lfBTdhNtEFTcIBbepn_TxQ_7Pqn6fu4CUE-BG5CKBdfSwjt9hv7p7TSEzaUWQdEgE
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: r4lvmpqetf385l1gb8nu9ji1n3b9os2n

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF89
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pf1xJWORwSax9POaTeWsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pf1xJWORwSax9POaTeWsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmodQc5KmqYLE1WUDyClSxWNTDUAeaP27LWSUQzy18acVwog7fTQXTtDsptLFYxed6cOUPIPs7K2yoYarM2FFDMOhh2CjS

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pf1xJWORwSax9POaTeWsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmodQc5KmqYLE1WUDyClSxWNTDUAeaP27LWSUQzy18acVwog7fTQXTtDsptLFYxed6cOUPIPs7K2yoYarM2FFDMOhh2CjS
date: Sat, 05 Nov 2022 01:05:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF89
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6oB9VfKJvxo8i4kjzS0dV4AnU

170 B
188 B

57ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6oB9VfKJvxo8i4kjzS0dV4AnU

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=ASkJ3FaeeKDkUk306GHR8gd92juWXpUa1Bxt6XWD5TBanJNU7j_GFTYZ6u-e8aPfkumTzZ12wn6oB9VfKJvxo8i4kjzS0dV4AnU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF89
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=ASkJ3FY9vJZy_iq4ObGrne6YF3gFUhagjNRzs...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=ASkJ3FY9vJZy_iq4ObGrne6YF3gFUhagjNRzsGenOWgd_Hgk31bN4b6kGONkAmr9yO60YaWjyxnbgXEd0PTGxf-Wr55v8BL7Hil1

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GTjlYFSgFWZ%2B7ttk0LqruhJ%2FtyUt6Ow%2BZpUufuf23tQLoWRovTwItxDqN5iro1o3eVwJC7NBIcNm1z%2FVPy5xWWUep3dwMdPgNiIpvlszqJkcLZloieQS5LrutOMjhX%2BqoujjJcuPKEAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=ASkJ3FY9vJZy_iq4ObGrne6YF3gFUhagjNRzsGenOWgd_Hgk31bN4b6kGONkAmr9yO60YaWjyxnbgXEd0PTGxf-Wr55v8BL7Hil1
cache-control: no-cache
cf-ray: 7651ae5b183ddc9b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame CF89 43 B
297 B 378ms
41ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcnYHUhRVOlOIZpZ0Ip9TU&google_cver=1&google_push=ASkJ3FYNoCvrEOFvCDIaZg29h1khygkEGNvvd1wn8JYWOX__q7Y-vht8V1c0fryHGCJYRrDHc23pDebOxg--k5VXl4hX-Duh7w
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CF89 0
12 B 51ms
50ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Llv2tUpmu74R_GXOtTfcuh86hvMK2vIqI6nJmzgcJviEVCPevZ_rI4Fk1CLvj3eufS_l03

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame AC5E 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 22:11:54 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame A05F 36 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 22:11:54 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5407 35 B
463 B 66ms
41ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKBvg4iPWLQ4PIjLoS9eUDI&google_cver=1&google_push=AZmPxg_JKuX1H9O3Y1hOr5H9qIhkS0jt_pvUPEeLTAB8hq43j8RMJwIYUw_R_EYS2-A_rw_KfRPZlxgtq9n7H_c-BUX7afIZ8dyHiw

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 5407 43 B
106 B 52ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECnnXxrYmHD5mc6UoEJJ1W4&google_push=AZmPxg9cOgViKUtg6dPXfe4usPPAnlG3kdEnsjykgkjju12LWZGC9S4iWGkI5UcwmuPEZKDtoEO5CICxoGwZi2uC88suA5fulKYppQ&google_cver=1
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5407 43 B
134 B 43ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGrCKwhHoT2FrEvA-guyhI0&google_cver=1&google_push=AZmPxg_Fu9TmvIlPSbNiMdQgxYuUZZRYGLl0KnDv0Uo0Vc3eUwYUOAycesXJYUWlt4M6kFeLCV20dPDgMigWLtp5DMkZeCtR4F4Nuw
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: seulbd1li30seotdhg4ordd55cav52rg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=heINhzTvThe4tHolhZymcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

71ms
70ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=heINhzTvThe4tHolhZymcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_WMKP_RCOIx3p7lJG3lonQ3A3n2JEi-Uwa8m8pnk3Ql5s8HoaBb18hEoHQ0eF9mduaoHmreCDjZO4qKplfuZC3OCz_eH95_Q

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=heINhzTvThe4tHolhZymcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_WMKP_RCOIx3p7lJG3lonQ3A3n2JEi-Uwa8m8pnk3Ql5s8HoaBb18hEoHQ0eF9mduaoHmreCDjZO4qKplfuZC3OCz_eH95_Q
date: Sat, 05 Nov 2022 01:05:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrLqAfj0ibjjE7uXdRAeH0AXveOvCA

170 B
188 B

60ms
58ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrLqAfj0ibjjE7uXdRAeH0AXveOvCA

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=AZmPxg9f-QcuCTQF1bW-_ppjeq82t2eD0WDm9B6rfn0BFndmYgRjLp3pLg9HpavKQQ-dern9LrLqAfj0ibjjE7uXdRAeH0AXveOvCA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg90LwaPRMuACG0xtHnemTT6xbbOS9msK...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg90LwaPRMuACG0xtHnemTT6xbbOS9msKY9_P_5OdcXYNDbdKClikHYzKHBTcuJa9bG1S0MsGtuNOHqC6FWd9zsP3hrvcMdvHA

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATVO7ck9f6aRUyEoYFbOCuJWgjFCeBu6H%2F6WUmx%2BDLtPcWvgXZN%2BNshCaJ8vTLsAAWURpLHXeaN1NKJxP9U4kE%2Bb2xeacy%2BLEBmLQFoOcqufwdf00%2FA1AhJ41xkf%2B0cRHNr11on7w1SbNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&google_nid=index&google_push=AZmPxg90LwaPRMuACG0xtHnemTT6xbbOS9msKY9_P_5OdcXYNDbdKClikHYzKHBTcuJa9bG1S0MsGtuNOHqC6FWd9zsP3hrvcMdvHA
cache-control: no-cache
cf-ray: 7651ae5b183edc9b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 5407 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5407 0
12 B 50ms
48ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_iRApfVfPgm6_gj4ugZeH02GFYtH-75zsy1SB0gGy5Q64ITEyLMIbXSAsZZPJLesIf4ay3g

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame D204 36 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 22:11:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0954 721 B
373 B 137ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:wght@400;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 01:05:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 55 B
103 B 46ms
41ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:27:51 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 731 B
263 B 46ms
42ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 24 B
72 B 48ms
42ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 281 B
187 B 49ms
44ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 157 B
144 B 50ms
45ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 19:09:30 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 26 B
74 B 50ms
45ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:27:51 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 400 B
304 B 58ms
53ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:27:51 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 20 KB
6 KB 50ms
45ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6276
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 3 KB
1 KB 101ms
97ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 18:06:25 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 8 KB
3 KB 55ms
50ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3191
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:55:58 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 0954 118 KB
40 KB 66ms
62ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 08:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 08:52:47 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 13 KB
4 KB 93ms
89ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 12:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4481
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 12:09:31 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 5 KB
2 KB 98ms
94ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2014
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 3 KB
1 KB 97ms
93ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 05:07:06 GMT

GET
H3 200 gwdid.min.1.0.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 3 KB
1 KB 91ms
88ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdid.min.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 19:09:30 GMT

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 6 KB
1 KB 90ms
86ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1468
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 3 KB
1 KB 89ms
85ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1293
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 23:12:23 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 1 KB
619 B 87ms
84ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 04:28:24 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 7 KB
3 KB 82ms
78ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 17:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2823
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 17:21:39 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 5 KB
2 KB 84ms
80ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2351
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 09:11:29 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/9275241708497128449/ Frame 0954 23 KB
9 KB 56ms
53ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9275241708497128449/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9229
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:10:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:55:58 GMT

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/ Frame 7985 7 KB
2 KB 44ms
44ms Script
application/javascript 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1684507
accept-ranges: bytes
x-amz-cf-id: IYD_Lf_UrfAMYA7niW4B9cwQRCCjar49SobACAuG6Mh1vWvFbvLSwg==
content-length: 1947

GET
H2 200 TA_DEI_BEN_Social-Display_728x90_v1_74232120181016435.jpg
secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20221006/ Frame 7985 17 KB
17 KB 66ms
65ms Image
image/jpeg 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20221006/TA_DEI_BEN_Social-Display_728x90_v1_74232120181016435.jpg
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 143b5a1b5044a13b9248e23198c41edfaab0465ba14cadcc031386d09a4cb754

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: FZf6Ch5TrCRf9.HCHlyE_xCZuLH7aAdM
date: Sat, 05 Nov 2022 01:05:26 GMT
last-modified: Thu, 06 Oct 2022 15:36:38 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "fb72c9755822f81724a84a1490d627db"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17459
x-amz-cf-id: FEzw0UnqvumEIeco0zFp8xE_448gjOP4UrlDJw6CHgjpEZP-z2m7xA==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 7985 1 KB
2 KB 55ms
54ms Image
image/png 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA.png
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 05 Nov 2022 01:05:26 GMT
last-modified: Sun, 05 Jan 2020 08:33:11 GMT
server
etag: "984fa9c3a2c3d51:0"
x-powered-by: ARR/3.0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1411
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA_DEFAULT.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 7985 2 KB
2 KB 54ms
54ms Image
image/png 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA_DEFAULT.png
Requested by: Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 05 Nov 2022 01:05:26 GMT
last-modified: Sun, 15 May 2016 06:53:22 GMT
server
etag: "05d697876aed11:0"
x-powered-by: ARR/2.5
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2198
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 118ms
37ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Nov 2022 01:05:26 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 7985 0
230 B 533ms
41ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 7985 0
230 B 536ms
42ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 7985 24 B
629 B 44ms
43ms XHR
text/html 3.67.219.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=5167128816072894638&ai=1088524938&usercookie=u2=24a6ea9a-f7a3-41e7-96f0-4a43e80f8e15&oo=0&clsrc=2&clbv=_2_227_3_0&gdprpurposes=1023&dg=1077389171&sdg=1078358589&ctick=122&ord=0.5850746739474464
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.219.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-219-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 7985 0
504 B 43ms
43ms XHR
text/html 3.67.219.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1088524938~~0~~1077389171~~5167128816072894638%5EActualSize~728x90x0x1x0000x0x0x728x90~0~01020~125$$&usercookie=u2=24a6ea9a-f7a3-41e7-96f0-4a43e80f8e15&rnd=0.9293675772155341&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.219.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-219-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ Frame 0954 16 KB
16 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 08:45:39 GMT
x-content-type-options: nosniff
age: 317987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 08:45:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0954 7 KB
6 KB 134ms
51ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502fcfda991f98acde09ee183528df604daa89077ffdc15004838e009ba00d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 106ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Nov 2022 01:05:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC5E 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8_Af1bZlY7TdLPfkx_APmuy_uA0AAAAAOAHgBAI&bg=!9fal9rLNAAZPh4lnb4c7ACkAdvg8WpxM2TBuVeTxrHEjIxO92FCy8gd1tLqarGfuNXcnhxCpXfgvyQIAAAFNUgAAAARoAQcKABljgDIGMhA7x2SJnxB0SjCxOEZDr5xwhcKvmQLl-_Zr7a7AvfdKzfNYsEgSl5SdMP3TPp0py7cEeRdloqJLg4Ag9bK7UzNSjVfuf6sMquAOSrY1VN5S6fzXV70nWZhspx8IO0MmjaMgcnbj8mn6jqQfrAWjD9yAaFoC76GVhcbXSuC2MqkJdNGtoyd7DIf75HOEujHsQcldPfpPsJpVJKRFO-VYA9d5iR6Wu6vTqBbWQnYT3j5FuJEHLYnT62q-g6uu0dr5z4ZdFiVNsiE-VoskTBiSSoNs7Rp8nvWnDuKUoWQxekUQYH52VNBvvfTrTJHOUdILRWurEqDEVbeeXSO9qH_blWKJd6iIf-LBlIFiZNq-B5eri_GLI_IJ9BO0_qBueYCTgU_mTsNeqmdJcbk1wKykvqWVGPBlmmKomdKgJCZXm32QyIR7U9__ToQZBlbLp3iK08vtkuncagerVljJXn3mA_pDTlTSGLHuOimnfTtYFJ21mDBKX930V5Ze45muvYKfq3DcHY7hWousy1517cJMcZ3tclzNfL7scFnjjuquX-s6_KnYDnYmUjwAir15fbMRCYSd3dwrLBO8GHPu4NJDohRW0pt2La8Kbmf_2z5Abzhv1JRu0Sf43AKTJgAllYEWuVPdIyqGVl_pRMNtYf727SIi0M0VW2HBOfGg-wsDLKZfZlwcz8pGyID1D7bVK2QpxOMbdNEdVbzysC3rlSiUoFY0TfcWRfsS3ULk6N2-tDeSz72W9k5QW7Gf6Tsn-4B7QqNKjBGbZd2cIGxFcICFfVJIBmTVICmlsLtHNcr4D9ZxDYk7mv6N73b48F9XnYtCF-hM5zz5JlcNxj3E1_skqTYK37V3ZtRV1dVONCCB9HywF26vXuxiNTNZjxE4Nsi6i2jx3dbPbzNHESKeBcwTfW7jobhhfCuH3UsdSA9Gg_uaeCfSUcxRO7ypLPsqRuleOe_qmc8RB-AuQ0Z6Ijp6Yg2BeLRnUT_3rgnUEWGBA0TrjGy98uIF4kfOCl82

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D204 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFEg_1bZlY7y4LM-G-gautoCoCwAAAAA4AeAEAg&bg=!VValVhLNAAZPh4lnb4c7ACkAdvg8WkpoWToq7-ZxS5I516kb70UV7WeL5svRVY9QoiWB4qdwk7zXCQIAAAE7UgAAAAJoAQeZAz7cvk2pmPAArO-e_kj8rD6avDC_B2NcgRjnWxif5Jb9HUkpBvikW7GERiVbFYlh3i1y7c0nD1hWbnAzUAl-TKInAAKWBzVPWPDXnknKC4LovCES6-QCy7i6E5WtOkw8Qbzwu2P6AXm3NBrO5xLzkm2Wo6EZFi5WrW9HeazQjg_nVVEiQuSHayuENOoffO4cDqk-qLI_a3XOgKZwWIrlTzco1o22RYq5DnCFLMlxyGltKWuNjOw_6nOHla-RBLSTKU9C5wk5ey2WQGAe4QE9tUN8H2lBwXV-ghN5SEO-RvrQiDsT-5usG51lP3p_xa5iAiRqvpXamW7GxIgUXZhkhWyPMbjFSvwDPo_OrChjDn-2kXFHEU2lWKP9nr5tyqHet_IQNTnAPd51FWqbDgB_6tk6mpkjhHKdOJc7TKbZknDWRmcWaU2iUpoCRg_tatACCbIsoMmasXGs7cyua44qs0WX7vwExxl4zHY1fDlKUxiqd9dHJF77qaiDWC8cJ8AmEd31wXH1PrxmhEt8AyK8VBWq3JaV2QtCGSxC2aiBA-oyBTNcPVEP0JN4Dxz1lB-Xl78FXU22EfTTjj9wO4LRyeyp55mx4Aoi1TAaZH-axfRnXZ1T4c9SNdIjUgyKW31QmM6xlN-C8z-g_kvWix6wJGYa54LeTUjUVrAaSkIRgpNzqpKaVvBSRVk8-9oBib6rGnGVq7XLcxoQCcwP3tlP5eOQ_oozZqkBoM8MsAZ2ITRm9bdq62eCZGHAoi5G0EGMJRJLtJZeq6SVApzfEBVgA94VZXVipw1imHhV_bLS8ksaP2MQ7idBboNYSmEQ1QepqlZPfTyGR8ycb_zIedMxAhPtQ6iHQliWAkF0zX_bilxK-CXB0MwtMEFXbOqiQYw6-_AH9NpZXV7vGptCvBdn1kW3yzKW0N6S_vq_WC9SulS9aZkWJTcXP_QLwbPL_9-Xllaxf6AfCvwioduHzVeufrrMveAgGUJpvcy1PWY5inFKZ6OprRiny6GOaZ9bSolYgavRpcrP4P5m6_pKWOsVtSP8R8slgeay-pasNs2Mh9R7QNDCRD3ko2mWVdwc1964RNm5PbpSHuRiyyhlDDU06g

Requested by

Host: 8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
URL: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A05F 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFyUx1bZlY5HOLMe_9u8Pv62hyAEAAAAAOAHgBAI&bg=!ZmWlZSHNAAZPh4lnb4c7ACkAdvg8WhXVvfafnyUOrHBBq0FqWoldl3fWqa33kY9fiUZAXrnkkxvm3wIAAAFfUgAAAARoAQeZAuPsRfFpMuld1bZkwVIHVssAESpZ_jFtimenHa5aMDiZm5Mcy4dMcJJSwE7t9ET-6GoFGB-mhXWqIiRjl9xHi_xCP3VjdUNh39KNJV_3SaGc7qfJjj7rHMf9ozgOHCr4ZwgLqZVECHiWgQSpTCME5rSHFWcHIKoARVNocTFyAVDJ8hDy_CSZ1mx9NKg3qvnLBWZnNjdfbqYPHIG7HT52Ex2jeCfur3kJaV4xz5EqLHyjDJIZNY6AwHVoej1dd123Knpf3y9V7zzZKXINlycV0dkpE-AQK0JQh5cxfENJnkyIgqxeu2eAc7lGkeq9pERrGoGO8HyUjiPi3tgWBipZzXh45GL8_Ms2iInWt0ZW502X7RxYwGgMNxnryQcOn-nw8pexVkpQpEVM-gOIpaLjoIvhhMWrnR824hg8ygQ3OS0asJR5yW0xQ7NwzQw1FY6G0SUzm36Js3dR0erjKQuxWuE7sGZiY1Ej7RfLAcYxKonWei-h6cFSBt5Hs14mpYfC9VeR6JaBBa_gJ2Y09ZWoMV3mE1mo8UX8kekBDmJe0fLGU9MfTjsdorAIZOGBAx84jDny7QiWLKeIXGSpZcyqGDWCWnEhhfV7H6yhVsaOnom_ibIW_fIc4PUxF1rIqSP2idX1aYg2hmNhjX9u1gAeBQ2KvGjt7XimozMKGYj8BdmKzxwYcxaM3JffuZKARS-oMeN6QQ7VE2AuNy-BzDQDDxZCqdwFQh8E9px4-Od2J_m6eiDHtK80Vnxwi2dQ4wUtrxo8-T-UOpCHa0axslz3grebkRmEGFEzWIfGz4AC4EJYa94CuUw0Qc98nM6iqui_rwYuUVpu7RVlr2tceZBzBojhF1VMaBNyP1TJsaMAiwVWJQdDqcBnmpxVaqBOns9s4oqVJTAXViPDB-xoyS92rQLehDaGK0Ls4lLWYt_oVIFILub_nu5awjkUAt4xoSurS0UEjVxpe4Zk-dk97nSVFSE-aK8E

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E53D 0
0 79ms
78ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3ex7LBJHj8UXZqaLAFoQUW3bj4lo7hEp9i2IG_eCxYJZPc-y7lDzhrqXLLWUPKOe4Jhyypqts3riEwTkV5pnKQP62YstN5XHh20TPdrBK-jcFAumopFWOMM4ZU6k_Kj6fUajn5__sukphe81TDBPgBSeML2lam4Emaxvg6bvuLwZHNFV4q1rRJCpr-VAqZRg8j8fKVYEg3_rOGheG8hSbqVFio6dzcudaYxY8OlhdfQeURL2l0RqXiNRZE6NxUSlmOxmh9Od4MXlK83XNXuPz-qmSN_Sf8HaAVZ_4edN1b-aoWVhlgKnUQXp02xKPx1pj5GSptfs91RnDZACllzJGZH0Eg_uFAh9E7GwKP0snD9UC9Q4SbwMUnQPCDgjQfSCwbxW7WDXPzzIvwFIHnr5djvvxj8y-10MbcmBfPLYUfSN4bcYeO-LLkMsffnoZYLC1SFpAgn6XT1hT9ks0Uw03cio7rsVsg8wdViKMmXtaLc0g_vVrGVf04vyidLspd2acgzOeicEr0WtMwxH6oLgTV5torroVAgfCg_BgRTRbRo5iDv3uq4SYc8L6UEN9Ldn5emgE1mzo3Me2zigJOj-lRGk_HGQQv9PO0jsDL3ARNy41bt-V6IfXRuujwUaZpQhdiHPY5msOO25S4u2EM8V7SjTJsz1HGtp9gtpzTDMO60w6wWC4G3WnVt_DygDWWPIovDzKDSO55aL3owHsL1rJmcWRNvUrRHWg_16-F7EwwwdzQR2NOvx-yhL0C--wZpIY3nlxAf6rh7ZfbgEQoDb8C_AgYXKq2o4Vm2MIva5gwIv2yZV2srgmswoI2oYtoI_KHGxOz6vx8T6tSfKO3UR_HGqjVfREOck6unXsAb4wJURxBT28LxStrkPwR5NPqNlY9nY7YWMJKcWl2MM7FAKr4F-Z28TIy6Fp_hDmzM2j-4PsPAAv8Mf1nqfzn6lF2VTATp_x6c0ff0oujRiqC64xSJsRctGtnYpIpbOFFyEX075FOke2IrMqxAQjYBgQND2QER_8h-Qyrq4tTWnHPCLGs6HC0uywPfs6WyHTp0kUB8PoOp1dp4xsavQY1sx8kzEE2uW3Sf8SUVWE5VUcieuV6kn4BVr9yeP5XukGv25s9KLqgVia5cctLisgL030bnrYM6E29JqaHFu1tO297Bsfd_SXA3srLR87Bv15lYhs6nKHjXaSUL_W5F14u7UIrJRNWkProsfYTi8AHRNdfV_sx6viEgMElAdKo5jDLmjxdJMl7Q-RlQfHs-CITszdtC5c5CMXcQ&sai=AMfl-YS_wajqylkkDn5ZmSlLyjN0d9jDKZBQIAlRcbo0JLOeOm5Xyk7qDuMpolF4IG9m_-AKD8IgcjkBspDzwlBy7MmDx_yUyyZn4_t3n2h1E-IEKMrCiGLShyY9Ryh_n0j45sCJW5vPLVnbXsFq3AImBaP4Mhmam-XkF0eiWWjcvLzk-D52qcud2akPOOZsekgUXhvaw850whDPCWpAVTNuqfx0zU6k3Q1oz2Yc7JxHXlqaHTzbVoMTJa37E8vgjuGu1Xqr1OcBb52Q_g&sig=Cg0ArKJSzDlQ1iRXfrSsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=796&vt=11&dtpt=516&dett=3&cstd=273&cisv=r20221027.46592&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H3 200 23929287_20220303063109354_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 0954 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220303063109354_Logo.svg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e30983e240508587941ff5cd02b3427418c884c69c48587b9390eb4a2fd43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1004
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:24:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 01:13:20 GMT

GET
H3 200 23929287_20220315074513530_Awareness4.jpeg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 0954 1 MB
1 MB 42ms
42ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220315074513530_Awareness4.jpeg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 08:40:07 GMT
x-content-type-options: nosniff
age: 59119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1314467
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 14:45:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 08:40:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0954 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 01:05:26 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F4C 36 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 22:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 22:11:54 GMT

GET
H3 200 23929287_20220315074513530_Awareness4.jpeg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 0954 1 MB
1 MB 41ms
40ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220315074513530_Awareness4.jpeg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9275241708497128449/index.html?e=69&leftOffset=0&topOffset=0&c=XUotlNYzy2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 08:40:07 GMT
x-content-type-options: nosniff
age: 59119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1314467
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 14:45:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 08:40:07 GMT

GET
DATA 200
OK truncated
/ Frame 0954 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E53D 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvViDAttrQG1sphwf2UpeB3DQzcYweVvTTpkoq8w0S-txa-JanVn16W3jcFDW0lLB5_zeXBzJIyVWn4y2TMO7IresTyY0K3fv1YAO9ZsvGohtBlcvxD2CWFsopxWJaUtYHomBvKHw&sai=AMfl-YS5-2Lbm0z6crr24_26XysXnYhLlDeGL1AGF3XxlxClyq_Rgm504K-op0G3YuX_jQvi75iE65pUDTXAveDkmaCHJea-jVcjHFGxBpZ9UF2JC0QHt7QakOvz85ioVC4&sig=Cg0ArKJSzM1ZjwlGH6_5EAE&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&id=lidar2&mcvt=1000&p=1110,315,1200,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3757304322&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667610325615&rpt=400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7985 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj1saUAQklvdZos1Rlib7q5CYz4lPDzpN2RYxYWTpQOcC2xrFsAcl1LKD2VvLOFZuMaBIuwyfGrXOBaItiAtxiiAmECJXvwmEy1QUQeqaIZr8JmKKJ7ZCBTsd_&sai=AMfl-YSXiTce1n97TtTaWzT7zKmX6Ya5IE8C5EETaON7j4BAXvmK9DWpyPPZrnV5ahqhd6OVg9rcDJ1eSQyhcPBKclJNfXlxlLCJj7SHJWblmNP5CmFAvzNfKu2zs43TVXk&sig=Cg0ArKJSzM5lPKwdi0d1EAE&cid=CAQSPADq26N9AXeZD9UC-R_LxboJND15Xsc2yc7o4T0KOAbWl_vuH4Bv_CShQXywiOabW4SubWGZ1IYW5NpB2hgBIA4&id=lidar2&mcvt=1051&p=40,436,130,1164&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1472868681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667610325455&rpt=638&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 102ms
34ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://buhgalter.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 790765
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=-RURzXx4dXpPZk5nd3FHQTk3S0ZjVFNDQk5USVlmWmlzV0RabGJqdERmNFNjVkRrTGtSWmFkUnhpM0NIMno5RzNHV3VQc1RCS0RpbVlSOGk4eSs0MmRaa2U1UlVKUE5yK3l1RmdlZGYxUy8wT0w1NnNzRjlPTTNwcTVoan...

362 B
654 B

118ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-RURzXx4dXpPZk5nd3FHQTk3S0ZjVFNDQk5USVlmWmlzV0RabGJqdERmNFNjVkRrTGtSWmFkUnhpM0NIMno5RzNHV3VQc1RCS0RpbVlSOGk4eSs0MmRaa2U1UlVKUE5yK3l1RmdlZGYxUy8wT0w1NnNzRjlPTTNwcTVoanZkT2gwZkhjaWFjRWdmWDVnU3Z4c2J4SDZRQXB2MlVNOG9iZDBJdTJOajBOcnRsaUFtSVFEckJkV2FoQWo2K0pvQTJ1d3ZKTmlIVGFTRTMrTVVwMVArNzJZUktXcmVyeDdJdmp2RWsxa1FHTlFuZm5BS0FCMFp5NktlVUowS04xOVZIWFc2NGNqfA&cppv=2

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d820c5c4178b5dab7238d8836c5d8fd666bca88d16cab359e343f52272739e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1081081
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=-RURzXx4dXpPZk5nd3FHQTk3S0ZjVFNDQk5USVlmWmlzV0RabGJqdERmNFNjVkRrTGtSWmFkUnhpM0NIMno5RzNHV3VQc1RCS0RpbVlSOGk4eSs0MmRaa2U1UlVKUE5yK3l1RmdlZGYxUy8wT0w1NnNzRjlPTTNwcTVoanZkT2gwZkhjaWFjRWdmWDVnU3Z4c2J4SDZRQXB2MlVNOG9iZDBJdTJOajBOcnRsaUFtSVFEckJkV2FoQWo2K0pvQTJ1d3ZKTmlIVGFTRTMrTVVwMVArNzJZUktXcmVyeDdJdmp2RWsxa1FHTlFuZm5BS0FCMFp5NktlVUowS04xOVZIWFc2NGNqfA&cppv=2
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 489376
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
626 B 132ms
41ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

3d3e7dce58c425ccb9ad454a71f52998cc9ed166ad0d90d73df8819b0eb268f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Sat, 05 Nov 2022 01:05:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B0AB 52 KB
17 KB 110ms
28ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 73409
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Nov 2022 01:05:28 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 280, 240440
X-Served-By: cache-lga13626-LGA, cache-lcy19274-LCY
X-Timer: S1667610328.000725,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7208 281 B
554 B 130ms
41ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Nov 2022 01:05:28 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cs.html Show response
cs.seedtag.com/ Frame 5ED7 50 KB
16 KB 89ms
33ms Document
text/html 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.133.145 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 188
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 7651ae65df263628-MAN
content-encoding: br
content-type: text/html
date: Sat, 05 Nov 2022 01:05:27 GMT
etag: W/"13ca649e3208fe62aac60882d95c54f3"
expires: Sun, 06 Nov 2022 01:05:27 GMT
last-modified: Thu, 20 Oct 2022 13:01:08 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1666270868306825
x-goog-hash: crc32c=KeZweA== md5=E8pknjII/mKqxgiC2VxU8w==
x-goog-metageneration: 2
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15213
x-guploader-uploadid: ADPycdtllcXkb8VY9MnmkiaTrf7j9clphpDlTh8mg6ESmcdlrjaxi7I_K3iacHu7JbneAWxs_Bhx9GvMQ9fd3ANOfJTwTg

GET
H2 200 / Show response
spl.zeotap.com/ Frame 696D 8 KB
2 KB 117ms
48ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a551bf04769370c83a351ff34465d0f0c31d387c3755237de766e66a223e9a

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://buhgalter.com.ua
cf-cache-status: DYNAMIC
cf-ray: 7651ae65fd8976d1-LHR
content-encoding: br
content-type: text/html
date: Sat, 05 Nov 2022 01:05:28 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8204 15 KB
6 KB 132ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=39410
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:28 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 05 Nov 2022 12:02:18 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
csync.loopme.me/ Frame EDC8 0
0 37ms
37ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 05 Nov 2022 01:05:27 GMT
server: _

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7078 3 KB
2 KB 101ms
38ms Document
text/html 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19301/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 841
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7651ae65eead3607-MAN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Sat, 05 Nov 2022 05:05:28 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H3

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce36b093-9818-46cb-ae99-d45b061cb347&ssp=themediagrid&gdpr=0&gdpr_consent=

43 B
61 B

43ms
40ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce36b093-9818-46cb-ae99-d45b061cb347&ssp=themediagrid&gdpr=0&gdpr_consent=
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce36b093-9818-46cb-ae99-d45b061cb347&ssp=themediagrid&gdpr=0&gdpr_consent=
Date: Sat, 05 Nov 2022 01:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9C82
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu

281 B
554 B

51ms
40ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Nov 2022 01:05:28 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 05 Nov 2022 01:05:28 GMT
location: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK CookieSync.html Show response
csync.smartadserver.com/rtb/csync/ Frame 3F3C 435 B
744 B 192ms
43ms Document
text/html 2a02:26f0:1700:c::1737:6e47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:c::1737:6e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Sat, 05 Nov 2022 01:05:28 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified: Tue, 22 Feb 2022 09:59:55 GMT
Server: AkamaiNetStorage

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BAA0 15 KB
6 KB 44ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=39410
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:28 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 05 Nov 2022 12:02:18 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6719 61 B
239 B 164ms
48ms Document
text/html 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1667610328020&pubconsent=&euconsent=&hasConsent=1
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:28 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.2
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 0D2C 0
0 1085ms
115ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP009 /
Resource Hash

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
server: 33XP009
x-33x-status: 2000208

GET
H2 200 isync Show response
visitor.omnitagjs.com/visitor/ Frame B683 0
178 B 134ms
37ms Document
text/html 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=

Requested by

Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:27 GMT
expires: 0
pragma: no-cache
server: ayl-lb-fra02
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2

GET
H2 204 /
onetag-sys.com/usync/ Frame 45DC 0
0 136ms
41ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75601b04186d260

Requested by

Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 9C72 0
0 191ms
46ms Document
text/plain 18.193.195.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.195.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-195-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT

GET
H3 204 s
s.seedtag.com/cs/st/ Frame 5ED7 0
14 B 97ms
37ms Image
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/st/s
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

GET
H3

204

appnexus
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2135954514127792914

0
15 B

41ms
36ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2135954514127792914
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
AN-X-Request-Uuid: ca40be6c-0605-40bf-9e61-91bf971312f6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2135954514127792914
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 5ED7
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1

0
75 B

39ms
37ms

Image
text/plain

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

204

outbrain
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0

0
15 B

36ms
36ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location: https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 90
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5ED7 70 B
264 B 130ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

204

Bidswitch
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_user_id=638970d8-9c3c-48f2-84e0-83dc47d9e575
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5d510084-e69a-49ef-999c-a48eb173c6bd&ssp=seedtag
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=638970d8-9c3c-48f2-84e0-83dc47d9e575

0
15 B

38ms
37ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=638970d8-9c3c-48f2-84e0-83dc47d9e575
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location: //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=638970d8-9c3c-48f2-84e0-83dc47d9e575
Date: Sat, 05 Nov 2022 01:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

204

spotx
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=efdc0d88-5ca5-11ed-825b-...
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=efdc0d40-5ca5-11ed-825b-197e22df0406

0
15 B

47ms
39ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/spotx?channeluid=efdc0d40-5ca5-11ed-825b-197e22df0406
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.seedtag.com/cs/cookiesync/spotx?channeluid=efdc0d40-5ca5-11ed-825b-197e22df0406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 102
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 5ED7
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F

95 B
222 B

48ms
47ms

Image
image/png

162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Sat, 05 Nov 2022 01:05:28 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
date: Sat, 05 Nov 2022 01:05:28 GMT
server: nginx/1.14.2
content-type: text/html; charset=UTF-8

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 5ED7
Redirect Chain

https://sync.search.spotxchange.com/partner?source=249286
https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=efdc00dc-5ca5-11ed-9e7e-1be234f70206
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEGdt_bkuF2SnHeeop5epinY&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

40ms
38ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: //match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 79
Connection: keep-alive
Content-Length: 0

GET
H3

204

improvedigital
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=10f00cbc-b28c-466d-97aa-6be54fe6a774

0
15 B

43ms
38ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=10f00cbc-b28c-466d-97aa-6be54fe6a774
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=10f00cbc-b28c-466d-97aa-6be54fe6a774
access-control-allow-origin: *
date: Sat, 05 Nov 2022 01:05:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

204

indexexchange
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190

0
15 B

41ms
40ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYdINdSXa25y3ZFOTw2fh1oR6F4vbF5L2xs9Wp8aXnGdVNXlnHqhAjWGZMdq6jbnuhTJXzdgGIrixAmJxPs1VDBgOF0%2FZfdjbHOECkYM5aUQuOOV1tLF7DxAohIdFR9k7Nw0mb%2BacYfC2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190
cache-control: no-cache
cf-ray: 7651ae669cd9dcd3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

204

verizon
s.seedtag.com/cs/cookiesync/ Frame 5ED7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58427/occ
https://ups.analytics.yahoo.com/ups/58427/occ?verify=true
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-MHaGI31E2uFwee.M1rDGKBzOvnkl.IXBOFHv.ys-~A

0
15 B

44ms
37ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-MHaGI31E2uFwee.M1rDGKBzOvnkl.IXBOFHv.ys-~A
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-MHaGI31E2uFwee.M1rDGKBzOvnkl.IXBOFHv.ys-~A
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cookie
cm.adform.net/ Frame 5ED7 43 B
106 B 173ms
45ms Image
image/gif 37.157.6.253

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5ED7 0
277 B 183ms
183ms Image
text/plain 209.191.163.210
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 05 Nov 2022 01:05:28 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 696D 0
0 43ms
43ms Image
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 696D 170 B
188 B 51ms
51ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=eb53dd69-74b9-4389-8e8f-93fb26d98b01&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56...

95 B
152 B

48ms
41ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=eb53dd69-74b9-4389-8e8f-93fb26d98b01&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae67ff2e76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=eb53dd69-74b9-4389-8e8f-93fb26d98b01&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 696D 0
331 B 201ms
51ms Image
text/plain 37.157.6.248

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 696D 70 B
265 B 80ms
39ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd941a7-2158-462c-65c5-4439b4e13dd5%26reqId%3Df3d2ce33-6a32-4c56-7d26-0eae88e9fa59%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 696D 0
161 B 129ms
35ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1667610328.186692,VS0,VE9
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy19231-LCY

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 696D 0
411 B 699ms
144ms Image
text/html 2600:1f16:e61:3f01:9802:108e:78ba:29ea

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f01:9802:108e:78ba:29ea -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce...

95 B
180 B

52ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae66ee6576d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
date: Sat, 05 Nov 2022 01:05:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=136...
https://mwzeom.zeotap.com/mw?cid=9b933f2c-8277-4522-b47c-e464252e6b4f&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

45ms
41ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=9b933f2c-8277-4522-b47c-e464252e6b4f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae68cfec76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=9b933f2c-8277-4522-b47c-e464252e6b4f&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=83846149001161129374434079806974675373&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-...

95 B
152 B

47ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=83846149001161129374434079806974675373&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae686f9276d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v045-034f2d6c4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: AytPFDM5SLk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=83846149001161129374434079806974675373&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 696D 0
324 B 227ms
45ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7162331821236287638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-...

95 B
152 B

45ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7162331821236287638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae67cf0c76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7162331821236287638&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 696D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5

95 B
122 B

78ms
43ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7dd941a7-2158-462c-65c5-4439b4e13dd5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7dd941a7-2158-462c-65c5-4439b4e13dd5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7dd941a7-2158-462c-65c5-4439b4e13dd5&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=BwlZKdoMSr1q35ewoPVBnu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c...

95 B
152 B

50ms
50ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=BwlZKdoMSr1q35ewoPVBnu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae688fb276d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
last-modified: Sat, 05 Nov 2022 01:05:28 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=BwlZKdoMSr1q35ewoPVBnu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5...
https://mwzeom.zeotap.com/mw?cid=

95 B
152 B

45ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae687faa76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 404 tpid=7dd941a7-2158-462c-65c5-4439b4e13dd5
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 696D 49 B
265 B 131ms
39ms Image
image/gif 63.32.244.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7dd941a7-2158-462c-65c5-4439b4e13dd5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.244.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.38
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-N5ugquhE2oq.cCh_8u0IU11_9ejyUFuZ3A--~A&zpartnerid=570&env=mWeb

95 B
152 B

42ms
42ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-N5ugquhE2oq.cCh_8u0IU11_9ejyUFuZ3A--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae68d80176d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-N5ugquhE2oq.cCh_8u0IU11_9ejyUFuZ3A--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZR6S5X8XFTjOFO36oIE8fUC8IKvs9qmz%2BS41iYitP1U%3D

95 B
152 B

47ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZR6S5X8XFTjOFO36oIE8fUC8IKvs9qmz%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae69082f76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=ZR6S5X8XFTjOFO36oIE8fUC8IKvs9qmz%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H3 200 v2
odr.mookie1.com/t/ Frame 696D 43 B
61 B 82ms
48ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=7dd941a7-2158-462c-65c5-4439b4e13dd5&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 696D 0
338 B 150ms
38ms Image
text/plain 54.220.51.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.51.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-51-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1667610328
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 696D 95 B
360 B 51ms
50ms Image
image/png 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Sat, 05 Nov 2022 01:05:28 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2W22AAAARhCSgA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0ea...

95 B
152 B

54ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2W22AAAARhCSgA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&_test=Y2W22AAAARhCSgA7
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae68f82376d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-lcy19259-LCY
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1667610328.447580,VS0,VE0
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y2W22AAAARhCSgA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&_test=Y2W22AAAARhCSgA7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a...
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.10c5fc91-6523-40a2-bc69-6b0e1171718e&zdid=1361

95 B
152 B

43ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.10c5fc91-6523-40a2-bc69-6b0e1171718e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae69a8c776d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
location: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.10c5fc91-6523-40a2-bc69-6b0e1171718e&zdid=1361
cache-control: must-revalidate, no-store, no-cache
content-length: 0
x-amz-cf-id: 1p_zh_4rNUX8zp2iBtkYp_SKsBz_Z_vuTgNTiv0vIikz6bjS4W61wQ==
expires: -1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 696D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9...

0
337 B

39ms
38ms

Image
text/plain

54.220.51.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 54.220.51.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-51-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1667610328
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
date: Sat, 05 Nov 2022 01:05:28 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 696D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c...

43 B
568 B

42ms
42ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 531QRAT2P5717JW6A2D2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YBTTYZKT5CWXEX389PJ5
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7dd941a7-2158-462c-65c5-4439b4e13dd5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 696D 0
145 B 232ms
205ms Image
text/plain 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=7dd941a7-2158-462c-65c5-4439b4e13dd5&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7dd94...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361

95 B
152 B

40ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae69f90676d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
date: Sat, 05 Nov 2022 01:05:28 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=7dd941a7-2158-462c-65c5-4439b4e13dd5&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e1...
https://mwzeom.zeotap.com/mw?cid=LA384PLQ-U-6E0I&env=mWeb&zpartnerid=1770&gdpr=0

95 B
152 B

40ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=LA384PLQ-U-6E0I&env=mWeb&zpartnerid=1770&gdpr=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae69587476d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LA384PLQ-U-6E0I&env=mWeb&zpartnerid=1770&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 696D
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=7dd941a7-2158-462c-65c5-4439b4e13dd5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2c...

95 B
152 B

44ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7651ae69587b76d1-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361
Date: Sat, 05 Nov 2022 01:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7208 33 KB
10 KB 41ms
40ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bfae8a212bb009d6f937a0041b20247352ff3d7bb6aacd4b3b0447d19b55df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 17:48:53 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60164
Connection: keep-alive
Content-Length: 9885
Expires: Sat, 05 Nov 2022 17:48:12 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame E119 2 KB
1 KB 102ms
83ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d5558c71a83bc4733ab379e94c9799216c3c1a5cb90c6dc4f937f788e7f1559

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7651ae669cdcdcd3-LHR
content-encoding: br
content-type: text/html
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwmY0ta4u9EtcnmEvC94ohrGt15lZ9uD5lDHfpTTD%2BFvGlnD7Trfn601Fzy5DCAMpz5o%2FRWgnpJdtiy17WIPdkmDP1phNOFew8NS1%2FMVC92Rg24mL6CMm%2BooYkZSU7C6smsgfjJtLvUfaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B0AB 0
748 B 43ms
42ms Script
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
AN-X-Request-Uuid: 2dd5f53a-a1bc-4d9d-a9dd-4213370a37bf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8204 5 KB
6 KB 34ms
34ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94599336&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 545cb5d644d893e88fa4e11657a3c087a512641326f8125766280d0c1d9dec40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 01:05:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 124ms
35ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 497156
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 1980
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=

35 B
467 B

52ms
48ms

Document
image/gif

37.157.6.246

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 77D7
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8237871583332428111

42 B
194 B

34ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8237871583332428111
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8237871583332428111
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8628
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74636365-b6d8-4e00-bcdc-6e3545f1516b&gdpr=0&gdpr_consent=

42 B
406 B

47ms
46ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74636365-b6d8-4e00-bcdc-6e3545f1516b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 05 Nov 2022 01:05:28 GMT
Expires: Sat, 05 Nov 2022 01:05:27 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:74636365-b6d8-4e00-bcdc-6e3545f1516b&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 633A 43 B
363 B 140ms
35ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:27 GMT
expires: Sat, 05 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 566988
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame CB7E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

199ms
196ms

Document
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 05 Nov 2022 01:05:28 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RG4RR98368F8RBV8KCKM

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 05 Nov 2022 01:05:28 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Y67X8ZZ6MKGJQS773H3H

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 95E4
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2135954514127792914&gdpr=0&gdpr_consent=

42 B
297 B

122ms
34ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2135954514127792914&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 42829a2a-bc85-47ab-9b00-ec4388be405f
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Nov 2022 01:05:28 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2135954514127792914&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5A6F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe

42 B
415 B

120ms
33ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AF99
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7162331821235632278&gdpr=0&gdpr_consent=

42 B
447 B

121ms
35ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7162331821235632278&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sat, 05 Nov 2022 01:05:28 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7162331821235632278&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 16B4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFNUTFVN0d5MjRBQUNFM2JtR1Vtdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
433 B

44ms
41ms

Document
image/gif

54.171.64.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.64.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-64-74.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 43
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: gunicorn
cache-control: no-cache, must-revalidate
content-type: image/gif
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 90F9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BsrVmMlIRkpttmzYZ3WCNdmKxG0

42 B
268 B

35ms
35ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BsrVmMlIRkpttmzYZ3WCNdmKxG0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Nov 2022 01:05:28 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BsrVmMlIRkpttmzYZ3WCNdmKxG0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 20B7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2W22AAForVBHQA7&gdpr=0&gdpr_consent=&_test=Y2W22AAForVBHQA7

1 B
238 B

35ms
34ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2W22AAForVBHQA7&gdpr=0&gdpr_consent=&_test=Y2W22AAForVBHQA7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sat, 05 Nov 2022 01:05:28 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2W22AAForVBHQA7&gdpr=0&gdpr_consent=&_test=Y2W22AAForVBHQA7
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy19259-LCY
x-timer: S1667610328.382771,VS0,VE0

GET
H2 204 /
csync.loopme.me/ Frame 6A61 0
0 42ms
41ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
server: _

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 0CD3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
414 B

188ms
173ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7651ae68cd857308-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7651ae678c0e7308-LHR
content-type: text/html
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1849

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 826E 0
0 355ms
108ms Document
text/plain 5.161.54.172
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

static.172.54.161.5.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/ Frame 743C
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...

49 B
266 B

126ms
38ms

Document
image/gif

99.81.33.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMgaTQahaVRnanhj
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.33.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-33-254.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.24.232

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMgaTQahaVRnanhj

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 7565 43 B
282 B 256ms
59ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sat, 05 Nov 2022 01:05:28 GMT
Vary: Accept-Encoding
X-adserver-worker: leviathan-f8ec1b55c73e@version_1.530v2
X-core-time: 1ms
X-server-arch: v2

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 16CE 43 B
283 B 196ms
46ms Document
image/gif 63.251.232.165
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sat, 05 Nov 2022 01:05:28 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-9

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8B8F
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667610328262
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352167345

70 B
264 B

42ms
39ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352167345
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sat, 05 Nov 2022 01:05:28 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 05 Nov 2022 01:05:28 GMT
etag: RXa7dfd6bcacf843cba45b093df4c2c720003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352167345
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8204
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pp7g03jnSCyHRmNuSoDeRw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

47ms
43ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=39410
accept-ranges: bytes
content-length: 5549
expires: Sat, 05 Nov 2022 12:02:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame 8204 0
0

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/ Frame 8204
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=889dbef8f24d160fd1d7162840f7bc6c&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
264 B

92ms
39ms

Image
image/gif

99.81.33.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 99.81.33.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-33-254.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.7
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTY5RUUwRDMtNzhFNy00ODJDLTg3NDYtNjM2RTRBODBERTQ3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

66ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEExBjZMe7_0NfeAnux1HHJ4&google_cver=1

42 B
298 B

69ms
36ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEExBjZMe7_0NfeAnux1HHJ4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEExBjZMe7_0NfeAnux1HHJ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8204 43 B
610 B 141ms
37ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 04 Nov 2022 01:05:28 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3956611679389570165

42 B
219 B

36ms
35ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3956611679389570165
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3956611679389570165
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8204 70 B
264 B 60ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 8204 43 B
220 B 107ms
41ms Image
image/gif 18.194.110.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.110.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 A69EE0D3-78E7-482C-8746-636E4A80DE47
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8204 43 B
425 B 192ms
54ms Image
image/gif 2a05:d018:d29:3602:1e36:6736:c41a:e1de
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/A69EE0D3-78E7-482C-8746-636E4A80DE47?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:1e36:6736:c41a:e1de Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A69EE0D3-78E7-482C-8746-636E4A80DE47&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b.dH1oJE2uUQBlYA0j0s4ChV6.Xd0iU-~A&gdpr=0&gdpr_consent=

0
260 B

127ms
36ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b.dH1oJE2uUQBlYA0j0s4ChV6.Xd0iU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b.dH1oJE2uUQBlYA0j0s4ChV6.Xd0iU-~A&gdpr=0&gdpr_consent=
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 8204 0
104 B 185ms
64ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A69EE0D3-78E7-482C-8746-636E4A80DE47&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8204 0
191 B 135ms
34ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3136322242902205166&gdpr=0&gdpr_consent=&us_privacy=

1 B
193 B

35ms
35ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3136322242902205166&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 01:05:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3136322242902205166&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2ff9fe69-3cd9-49c6-a9df-a55279a42180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

36ms
35ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2ff9fe69-3cd9-49c6-a9df-a55279a42180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2ff9fe69-3cd9-49c6-a9df-a55279a42180&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8204
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2135954514127792914

42 B
95 B

35ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2135954514127792914
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
AN-X-Request-Uuid: e3e66514-2d7a-4bd1-8124-48c4a16fe760
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2135954514127792914
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E119 70 B
264 B 44ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E119
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&dcc=t

43 B
855 B

142ms
141ms

Image
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T4KA07BRB0696VR9C4R1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K1JB27ZDFZXY01T8R4VY
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame E119
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1

43 B
840 B

77ms
76ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiY4On%2BN9zPAh34fFaKllf%2BOoXEMM9AOT0eylDiI7DnJ8w9KsnrIocXTvkOhtKHf2p1v4YsfhzspNqFUU1wVO66%2BfphWgAEtosbBdQnEvZSJtCIstRkv9UiRc9xYhbbVB2i6AKCmtdHy3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7651ae679e34dcd3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_HQ4vks5S8_yRa_pROQ4I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E119 43 B
603 B 154ms
53ms Image
image/gif 2a05:d018:d29:3602:1e36:6736:c41a:e1de
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y2W21Q4NmwM8dt5vJ0ieUwAABKYAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:1e36:6736:c41a:e1de Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E119
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5667284144946096023&expiration=1668819928

43 B
766 B

87ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5667284144946096023&expiration=1668819928
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5667284144946096023&expiration=1668819928
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E119
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190

42 B
942 B

41ms
41ms

Image
image/gif

34.249.157.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

34.249.157.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9519qwLWSgE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0cfa310b8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Z67rQ7LZS1o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2W21Q4NmwM8dt5vJ0ieUwAA%261190
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ix
ad4m.at/ad/sim/ Frame E119 0
0 132ms
60ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E119
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53a81637-4b82-4224-8281-8b545f1936b2

43 B
766 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53a81637-4b82-4224-8281-8b545f1936b2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53a81637-4b82-4224-8281-8b545f1936b2
date: Sat, 05 Nov 2022 01:05:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame E119 43 B
352 B 109ms
31ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y2W21Q4NmwM8dt5vJ0ieUwAA%261190
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 9380
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7651ae67c872b2e7-MAN
content-length: 43
expires: Sun, 06 Nov 2022 01:05:28 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9C82 33 KB
10 KB 47ms
47ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bfae8a212bb009d6f937a0041b20247352ff3d7bb6aacd4b3b0447d19b55df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 17:48:53 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60164
Connection: keep-alive
Content-Length: 9885
Expires: Sat, 05 Nov 2022 17:48:12 GMT

GET
H/1.1 200
OK cmp.js Show response
ced-ns.sascdn.com/diff/js/modules/ Frame 3F3C 9 KB
3 KB 326ms
44ms Script
application/x-javascript 2a02:26f0:1700:c::1737:6e45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:c::1737:6e45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://csync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Unused62: 8096267
Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 11:31:40 GMT
Server: AkamaiNetStorage
ETag: "49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2929

GET
H/1.1 200
OK CookieSync.min.js Show response
csync.smartadserver.com/rtb/csync/ Frame 3F3C 61 KB
14 KB 46ms
45ms Script
application/x-javascript 2a02:26f0:1700:c::1737:6e47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:c::1737:6e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 08:45:26 GMT
Server: AkamaiNetStorage
ETag: "e887ffeb10fe1e5e78f4cd0280a52ce6:1666255728.542245"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13713

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync.smartadserver.com/rtb/csync/ Frame 3F3C 152 KB
4 KB 93ms
44ms Script
application/x-javascript 2a02:26f0:1700:c::1737:6e47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:c::1737:6e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 01:05:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 08:45:26 GMT
Server: AkamaiNetStorage
ETag: "89c36d3d06737a5284fa51f4d50162e5:1666255729.181322"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4196

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7208
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fdAeRLnPTuOkIDz0jdtAyw&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fdAeRLnPTuOkIDz0jdtAyw&gdpr=0

43 B
479 B

120ms
119ms

Image
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fdAeRLnPTuOkIDz0jdtAyw&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

HTTP/1.1

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N8E3ZMR6M7DZ8Q0F3TXP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fdAeRLnPTuOkIDz0jdtAyw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7208
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA384PLQ-U-6E0I&gdpr=0

0
707 B

191ms
123ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA384PLQ-U-6E0I&gdpr=0
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 870A39BE7A9F45BF9CD672C1EF5DEAE0 Ref B: LTSEDGE0808 Ref C: 2022-11-05T01:05:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsrslBtmvVDb1u5YfkVA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA384PLQ-U-6E0I&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7208
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/TRJIX7Ii2W4smMqPYGFzOg?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6769945840981893239

0
239 B

43ms
43ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6769945840981893239
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 05 Nov 2022 01:05:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6769945840981893239
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7208
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QMUqyQbsTe6Z3DLFCPbL_g&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QMUqyQbsTe6Z3DLFCPbL_g&gdpr=0

43 B
479 B

44ms
43ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QMUqyQbsTe6Z3DLFCPbL_g&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 727ETZBF3KFB4MA8D4Q7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QMUqyQbsTe6Z3DLFCPbL_g&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7208
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&gdpr=0

170 B
188 B

55ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7208 70 B
264 B 47ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7208
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECBgs19rEGeq3BxYeMo7x7Q&google_cver=1

0
239 B

51ms
44ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECBgs19rEGeq3BxYeMo7x7Q&google_cver=1
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECBgs19rEGeq3BxYeMo7x7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7208
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=OGQwYjFiNjg2NmM3ZWI3YTRlYTkxMWNjM2Y1OTJlOGU4MWQzY2QwZg&google_cm&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESELMxQpNzqA2JLiH2h3lm26M&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=&gdpr=0

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=&gdpr=0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 01:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzODRQTFEtVS02RTBJ&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9C82 0
239 B 233ms
44ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LA384PLQ-U-6E0I
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B0AB 0
748 B 43ms
42ms Script
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 01:05:29 GMT
AN-X-Request-Uuid: 76dd034c-ec1d-47e0-b78c-01dc605b97e0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMN7h5md-5uoslKEagFfCPQ&google_cver=1&google_push=AZmPxg-w9lcryoLzMrt9DPBKTWixalR53Gg41Z2pPP5LJNI6FI_dXUe5R_fdrggF_qLNslz559GnbE1PizSZDunUE9A-e9lLR_GBfBw

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

127 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhgalter.com.ua/	1970-01-20 07:56:42	Name: leads Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-11-05%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%2248db0b8c-235d-4020-99f0-5924eaaaafe8%22%3B%7D%7D%7D
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: sMHaSpM Value: 1
.buhgalter.com.ua/	1970-01-20 16:49:30	Name: __fp2_f2 Value: 0KgQrECQeJTWqqYQEMM5ernbJ8W3Of7H
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: E751hCN Value: 1
.buhgalter.com.ua/	1970-01-20 16:49:30	Name: _faguid Value: 0KgQrECQeJTWqqYQEMM5ernbJ8W3Of7H
buhgalter.com.ua/	1970-01-20 07:17:49	Name: __factor_utm Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
buhgalter.com.ua/	1969-12-31 23:59:59	Name: pageCount Value: 2
.buhgalter.com.ua/	1970-01-20 16:49:30	Name: _ga_6VVQ37Y1T2 Value: GS1.1.1667610323.1.0.1667610323.60.0.0
.buhgalter.com.ua/	1970-01-20 16:49:30	Name: _ga Value: GA1.3.1331834235.1667610324
.buhgalter.com.ua/	1970-01-20 07:14:56	Name: _gid Value: GA1.3.387927550.1667610324
.buhgalter.com.ua/	1970-01-20 07:13:30	Name: _gat_gtag_UA_35985798_1 Value: 1
.buhgalter.com.ua/	1970-01-20 07:13:30	Name: _gat_UA-53572572-5 Value: 1
.buhgalter.com.ua/	1970-01-20 07:13:30	Name: _gat_UA-35985798-1 Value: 1
buhgalter.com.ua/	1970-01-20 16:49:30	Name: cbtYmTName Value: nea/9Pm/p7+vqq78ra6oqa+r+aT5r6n7v+CF
.buhgalter.com.ua/	1970-01-20 09:23:06	Name: _fbp Value: fb.2.1667610324163.1767253448
buhgalter.com.ua/	1970-01-20 07:56:42	Name: _pbjs_userid_consent_data Value: 2024371239917068
.buhgalter.com.ua/	1970-01-20 15:59:06	Name: _pubcid Value: 3e1bd50b-bcda-41b5-a4c0-f29f148a8be9
a4p.adpartner.pro/	1970-01-20 08:39:54	Name: apuid Value: f2c8fd01-a680-437e-8b72-6c25a020981c
loadercdn.net/	1970-01-20 16:49:30	Name: vui Value: b141a25775734a278be92c6dd4fc853d
.mfadsrvr.com/	1970-01-20 16:49:30	Name: tuuid Value: 5d510084-e69a-49ef-999c-a48eb173c6bd
.mfadsrvr.com/	1970-01-20 16:49:30	Name: c Value: 1667610324
.mfadsrvr.com/	1970-01-20 16:49:30	Name: tuuid_lu Value: 1667610324
.doubleclick.net/	1970-01-20 16:35:06	Name: IDE Value: AHWqTUnFsNt2svYF7ay3f8UFeObr1itPcD9NjClqgu7-QGEUi8zZzvpYnCNfBZWjQV8
.buhgalter.com.ua/	1970-01-20 16:35:06	Name: __gads Value: ID=ad0dd2f4a3d05eca:T=1667610324:S=ALNI_Mawy3Fna8h4cuDhBIZAjHfO0on0vg
.buhgalter.com.ua/	1970-01-20 16:35:06	Name: __gpi Value: UID=00000b7cafa448b1:T=1667610324:RT=1667610324:S=ALNI_MYEoM57X5r7sTYlDsIs3ZkZtnCKdw
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 16:49:30	Name: E Value: AICcbQCyeEjdBh-F
.rubiconproject.com/	1970-01-20 15:59:06	Name: khaos Value: LA384PLQ-U-6E0I
.rubiconproject.com/	1970-01-20 15:59:06	Name: audit Value: 1\|naVuGyos1qpfCIFbKhq50FqbBgMWySGKoH1GQZR6kugTcNOBtGbweCicAVGE1msVe8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3vWRd+B4fy7Gma+WVcS1g3g==
.seedtag.com/	1970-01-20 15:59:06	Name: st_uid Value: c06fa087-103c-4913-bd3a-89de8c9a9b1f
.seedtag.com/	1970-01-20 07:56:42	Name: st_ssp Value: Y291bnRyeV9uYW1lPVVuaXRlZCBLaW5nZG9tJmNvdW50cnlfaXNvMj1HQiZjb3VudHJ5X2lzbzM9R0JSJnJlZ2lvbl9uYW1lPU1hbmNoZXN0ZXImcmVnaW9uX2lzbzI9TUFOJmNpdHlfbmFtZT1NYW5jaGVzdGVyJmxvbmdpdHVkZT0tMi4zMTg2JmxhdGl0dWRlPTUzLjQ1MDcmemlwPU0zMg==
.adtelligent.com/	1970-01-20 08:42:47	Name: vmuid Value: bbd25b1aca4753d7
.adtelligent.com/	1970-01-20 08:42:47	Name: a736011 Value: 5d510084-e69a-49ef-999c-a48eb173c6bd
.adtelligent.com/	1970-01-20 08:42:47	Name: a307558 Value: f2c8fd01-a680-437e-8b72-6c25a020981c
.adnxs.com/	1970-01-20 09:23:06	Name: uuid2 Value: 2135954514127792914
.casalemedia.com/	1970-01-20 15:59:06	Name: CMID Value: Y2W21Q4NmwM8dt5vJ0ieUwAA
.casalemedia.com/	1970-01-20 09:23:06	Name: CMPS Value: 1190
.casalemedia.com/	1970-01-20 09:23:06	Name: CMPRO Value: 1190
.adnxs.com/	1970-01-20 09:23:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQuAfDK!]tbPl1M>e)ZlrFUfJ+tGXxp:AcjAGM^yGKI2PbK9wbNEU]h:taaUg+iv8u]3If)y3KL9D3I?+4_pe[E
.rlcdn.com/	1970-01-20 15:59:06	Name: rlas3 Value: 7I62DTQZBSZSMtqFmagBEFeXV9FT42nFFYSO3QiJLi8=
.quantserve.com/	1970-01-20 16:43:44	Name: mc Value: 6365b6d6-3cad3-e17e3-0fbba
.pubmatic.com/	1970-01-20 09:23:06	Name: KADUSERCOOKIE Value: A69EE0D3-78E7-482C-8746-636E4A80DE47
.rlcdn.com/	1970-01-20 08:39:54	Name: pxrc Value: CNbtlpsGEgUI6AcQABIGCOndKhAA
.e.dlx.addthis.com/	1970-01-20 16:43:44	Name: na_tc Value: Y
.serving-sys.com/	1970-01-20 09:23:06	Name: A6 Value: 10UpaaxOR11005xi000010000
.serving-sys.com/	1970-01-20 09:23:06	Name: u2 Value: 24a6ea9a-f7a3-41e7-96f0-4a43e80f8e154JB06g
.serving-sys.com/	1970-01-20 09:23:06	Name: eyeblaster Value: FLV=0&RES=32
.innovid.com/	1970-01-20 09:23:06	Name: uuid Value: 518d4fd0-cd13-4065-8f1d-db44f742f791-20221104 21:05:26
.addthis.com/	1970-01-20 16:43:44	Name: na_id Value: 2022110501052600010387203709
.addthis.com/	1970-01-20 16:43:44	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:43:44	Name: uid Value: 6365b6d632952fb4
.addthis.com/	1970-01-20 16:43:44	Name: ouid Value: 6365b6d60001c5a0de73390d2d363c4ee5011dbbe2ca174d06c1
.dlx.addthis.com/	1970-01-20 07:56:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:56:42	Name: na_sr Value: 20221105
.dlx.addthis.com/	1970-01-20 07:13:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:56:42	Name: na_sc_e Value: 0
.zeotap.com/	1970-01-20 15:59:06	Name: zc Value: 7dd941a7-2158-462c-65c5-4439b4e13dd5
.zeotap.com/	1970-01-20 07:14:56	Name: zsc Value: e%96%02%FB%1EH%E7%AF%C1r%BEm%BC%B7%0C%9F%22%F1%2F%2A7%B2%95X%AA%1ES%C1%08%F9%96%EET%B8%95%ECA%14%B2%1C%CB%FB%15%3Bxn%C9o%CCg%CA%DE%99wT%AA%25J%A4%B0%C0%95%EE%A4lg%E1rtY%9B%D9S7%89%BC%15lk%B2%CA+%9B%F1W%BE%9AM%C1%0Dk%9C%D5%7D%B7%8F%CA%C8%5B%40%CE%C5e%60%CC%3A%E5%C4%C2%28%D8%D5%29%7C%C5%F6E%C5%96%2BH%E7%EEt%D0%E4O%D2f%D5%B0a%84%B7r%0B%8C%E6%E9%3F%94%7F%02%B0eG%F4%A6%BB%CD%E3%DBmf%2Bw%7C%5Be%D9%CA%07%CC4%99%A7d%5E
.ads.pubmatic.com/	1970-01-20 07:14:56	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 09:23:06	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:14:56	Name: pi Value: 156813:3
.pubmatic.com/	1970-01-20 09:23:06	Name: DPSync3 Value: 1668816000%3A201_197_219%7C1667692800%3A174
.pubmatic.com/	1970-01-20 09:23:06	Name: SyncRTB3 Value: 1668816000%3A71_81_161_54_55_21_165_8_233_234_176_243_13_3_166_22_88_99_220_251_56_204_7_238%7C1670198400%3A203%7C1668211200%3A2_15_223%7C1668470400%3A63%7C1668902400%3A35
.quantserve.com/	1970-01-20 09:23:06	Name: d Value: EL8BDgHAJ4EO-TA
.tapad.com/	1970-01-20 08:39:54	Name: TapAd_TS Value: 1667610328192
.tapad.com/	1970-01-20 08:39:54	Name: TapAd_DID Value: eb53dd69-74b9-4389-8e8f-93fb26d98b01
.bidswitch.net/	1970-01-20 15:59:06	Name: c Value: 1667610328
.bidswitch.net/	1970-01-20 15:59:06	Name: tuuid_lu Value: 1667610328
.spotxchange.com/	1970-01-20 07:53:49	Name: audience Value: efdc0d40-5ca5-11ed-825b-197e22df0406
.360yield.com/	1970-01-20 09:23:06	Name: tuuid Value: 10f00cbc-b28c-466d-97aa-6be54fe6a774
.360yield.com/	1970-01-20 09:23:06	Name: tuuid_lu Value: 1667610328
.adfarm1.adition.com/	1970-01-20 09:23:06	Name: UserID1 Value: 7162331821236287638
.onaudience.com/	1970-01-20 15:59:06	Name: cookie Value: bfa07d0b059e0ebc
.onaudience.com/	1970-01-20 07:14:56	Name: done_redirects161 Value: 1
.analytics.yahoo.com/	1970-01-20 15:59:06	Name: IDSYNC Value: 192z~2841
.bidswitch.net/	1970-01-20 15:59:06	Name: tuuid Value: 638970d8-9c3c-48f2-84e0-83dc47d9e575
.weborama.fr/	1970-01-20 16:39:25	Name: AFFICHE_W Value: eI6nXbrTbDx421
.simpli.fi/	1970-01-20 16:00:32	Name: suid Value: CD73996E20AD44EB9A51FBB0911D1B11
.tapad.com/	1970-01-20 08:39:54	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 09:23:06	Name: KRTBCOOKIE_153 Value: 1923-1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe&KRTB&19420-1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe&KRTB&22979-1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe&KRTB&23403-1907wYPYacLM3W6Vhd0gkdDZaMfM3muWg4_xJcMe
.pubmatic.com/	1970-01-20 09:23:06	Name: KRTBCOOKIE_57 Value: 22776-2135954514127792914&KRTB&23339-2135954514127792914
.pubmatic.com/	1970-01-20 09:23:06	Name: KRTBCOOKIE_80 Value: 22987-CAESEExBjZMe7_0NfeAnux1HHJ4&KRTB&16514-CAESEExBjZMe7_0NfeAnux1HHJ4&KRTB&23025-CAESEExBjZMe7_0NfeAnux1HHJ4&KRTB&23386-CAESEExBjZMe7_0NfeAnux1HHJ4
.pubmatic.com/	1970-01-20 07:56:42	Name: PugT Value: 1667610327
.de17a.com/	1970-01-20 15:51:54	Name: guid Value: 1.8237871583332428111
.adform.net/	1970-01-20 07:56:42	Name: C Value: 1
.1rx.io/	1970-01-20 15:59:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a7dfd6bc-acf8-43cb-a45b-093df4c2c720-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.turn.com/	1970-01-20 11:32:42	Name: uid Value: 3136322242902205166
.smartadserver.com/	1970-01-20 15:59:06	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:59:06	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.mfadsrvr.com/	1970-01-20 16:49:30	Name: ssh Value: !bidswitch,1667610328!adtelligent,1667610324
.pubmatic.com/	1970-01-20 07:56:42	Name: KRTBCOOKIE_1101 Value: 23040-7162331821235632278&KRTB&23369-7162331821235632278
.buhgalter.com.ua/	1970-01-20 16:35:06	Name: cto_bundle Value: Kq33_V9NMWNMRG5DelBqSUx5WTlxS2YwQWRVSGc4Nm1SNXliNSUyRlMlMkZGNkZpd0ZPMU8wMFdQYWpMWW1KTThqNWtkejlXb3FPOHliY0cxUXo5R1d2c1RPQnclMkI3QnpFQnlDUlZRMzVTeVlPTHgyQiUyRkdqa3hUMjFrcG5kU2pQc2JXZEplOXVD
.buhgalter.com.ua/	1970-01-20 16:35:06	Name: cto_bidid Value: 6anAyV8lMkZvUUY2RmhwOWlDYWQ0NnMzVXdXc0hTVWVndDBobzljTmJyTU80QlF4YjBpcDRrR2puSnFzOEY1JTJCbnp1YyUyRkxtOU1KNGZFSGZHc1lTb0dqbHpUcHZrUSUzRCUzRA
.tidaltv.com/	1970-01-20 15:59:06	Name: tidal_ttid Value: 9b933f2c-8277-4522-b47c-e464252e6b4f
.spotxchange.com/	1970-01-20 07:13:30	Name: sl Value: eyJnIjpmYWxzZSwicyI6IjI0OTI4NiIsInNwIjoyLCJpIjp0cnVlLCJscCI6NzAyOCwidXBzIjoiIiwiZ2NzIjoiIiwicGwiOls2NjUzLDg0NTksNzU3Nyw2NDA5LDY0NjVdLCJzaWQiOiJlZmRjMDBkYy01Y2E1LTExZWQtOWU3ZS0xYmUyMzRmNzAyMDYiLCJzb2wiOjcsInNsIjo1fQ==
.pubmatic.com/	1970-01-20 07:56:42	Name: KRTBCOOKIE_22 Value: 14911-3136322242902205166&KRTB&23150-3136322242902205166
.richaudience.com/	1970-01-20 09:23:06	Name: avcid-zeo-uid Value: 7dd941a7-2158-462c-65c5-4439b4e13dd5
.dpm.demdex.net/	1970-01-20 11:32:42	Name: dpm Value: 42965251942075131633809418662110452034
.demdex.net/	1970-01-20 11:32:42	Name: demdex Value: 42965251942075131633809418662110452034
.bidr.io/	1970-01-20 16:42:03	Name: bito Value: AAMQ1U7Gy24AACE3bmGUmw
.bidr.io/	1970-01-20 16:42:03	Name: bitoIsSecure Value: ok
.adsby.bidtheatre.com/	1970-01-20 07:23:35	Name: __kuid Value: 2ff9fe69-3cd9-49c6-a9df-a55279a42180.436824328
.adform.net/	1970-01-20 08:39:54	Name: uid Value: 3956611679389570165
.pubmatic.com/	1970-01-20 07:56:42	Name: KRTBCOOKIE_336 Value: 5844-8237871583332428111
.pubmatic.com/	1970-01-20 07:56:42	Name: KRTBCOOKIE_391 Value: 22924-3956611679389570165&KRTB&23263-3956611679389570165
.pubmatic.com/	1970-01-20 07:56:42	Name: SPugT Value: 1667610326
.tidaltv.com/	1970-01-20 15:59:06	Name: sync-his Value: "H4sIAAAAAAAAADM0NrI0sjK0MAIAQOcedgkAAAA="
.casalemedia.com/	1970-01-20 09:23:06	Name: CMTS Value: 1133
ads.playground.xyz/	1970-01-20 07:22:29	Name: connect.sid Value: s%3Ahh9Ey_h6UGTEgYemiU64gmBB1sWbxSy9.yv%2BX1G4uryoqg9L6b8f66JiBciTi0yiHxT6p7%2BmoSDA
.onaudience.com/	1970-01-20 07:14:56	Name: done_redirects104 Value: 1
.everesttech.net/	1970-01-20 15:59:06	Name: everest_g_v2 Value: g_surferid~Y2W22AAAARhCSgA7
.pubmatic.com/	1970-01-20 09:23:06	Name: KRTBCOOKIE_218 Value: 4056-Y2W22AAForVBHQA7&KRTB&22978-Y2W22AAForVBHQA7&KRTB&23194-Y2W22AAForVBHQA7&KRTB&23209-Y2W22AAForVBHQA7
.krxd.net/	1970-01-20 11:32:42	Name: _kuid_ Value: PLgDpcZW
.agkn.com/	1970-01-20 15:59:06	Name: ab Value: 0001%3A9HXIdbHnho%2B%2FdHQwpbvqNW7rarLdSzjH
.seedtag.com/	1970-01-20 15:51:54	Name: st_cs Value: xGVuBojX6LqsUjCVGqo5GURLEWXxrJRMh+ypeGIh69cppTg5dplcyCLlBCBxzV6T5NvRbAv+0f50ykW+nBxBGjleRrG10cUHElSBlDPfXXMUvGKcqmZHnf5VUYGquo1NkWvmLt322hp3AywpfQNIo9TKpLekZ0YTy0gtYMYUCLxj7vJ0BfgWbtaPwfLfNgO3wy9ciXLK+Yr6raH1a3YxA/tDAaMBBWZxKAqPiLIELhEOKxj1GG0r4Xu3MfpAMxFqQbRYuFftSF9a4Tq2GDw4HCk3VWZB/S3R440gKchF7gwjwaydkzs0T1BgjT+hLSv/
.seedtag.com/	1970-01-20 15:51:54	Name: st_csd Value: 1667610328459:1667610328459
.yahoo.com/	1970-01-20 15:59:27	Name: A3 Value: d=AQABBNi2ZWMCEPWV60B5lElaqRbnJLfyRs0FEgEBAQEIZ2NvYwAAAAAA_eMAAA&S=AQAAAnxhUHghS2PG9F4pvRbOSUQ
.amazon-adsystem.com/	1970-01-20 16:49:30	Name: ad-privacy Value: 0
.tribalfusion.com/	1970-01-20 09:23:06	Name: ANON_ID Value: aSnseFN3IdbSIdwFUNGF1iyMBvARq96S8D2HBKkVGoKqUaXWU0kGk7wZbpgiketwAcWp8ncyfBWW87RhZbFq8V
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:59:06	Name: bcookie Value: "v=2&72fd8147-610f-433e-863d-b25d48b34e55"
.linkedin.com/	1970-01-20 11:32:42	Name: li_gc Value: MTswOzE2Njc2MTAzMjg7MjswMjGIAGIUn3yaKb80izzj+XuhCVz4t/MhhQzbOK4OVDYVFA==
.linkedin.com/	1970-01-20 07:14:56	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2515:u=1:x=1:i=1667610328:t=1667696728:v=2:sig=AQH0lxrhFtEUUnnGvB640NucHHljS3o0"
sync.srv.stackadapt.com/	1970-01-20 15:59:06	Name: sa-user-id Value: s%3A0-06cad598-c948-464a-6db6-6cd867758235.zGmwn59Y1BWJEd8E9C6jfiu%2BTWOx%2B3wabpNwweaE6m4
.srv.stackadapt.com/	1970-01-20 15:59:06	Name: sa-user-id-v2 Value: s%3ABsrVmMlIRkpttmzYZ3WCNdmKxG0.9wfcWpIGGWBGWKcg2xINc2YgEcumzp1oK0aP%2BS6hUSI
.pubmatic.com/	1970-01-20 09:23:06	Name: KRTBCOOKIE_860 Value: 16335-BsrVmMlIRkpttmzYZ3WCNdmKxG0&KRTB&23334-BsrVmMlIRkpttmzYZ3WCNdmKxG0&KRTB&23417-BsrVmMlIRkpttmzYZ3WCNdmKxG0
.amazon-adsystem.com/	1970-01-20 12:56:13	Name: ad-id Value: A9uSOpIK5kTzvAX26Qp5nKs\|t

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMN7h5md-5uoslKEagFfCPQ&google_cver=1&google_push=AZmPxg-w9lcryoLzMrt9DPBKTWixalR53Gg41Z2pPP5LJNI6FI_dXUe5R_fdrggF_qLNslz559GnbE1PizSZDunUE9A-e9lLR_GBfBw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7dd941a7-2158-462c-65c5-4439b4e13dd5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfa07d0b059e0ebc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMgaTQahaVRnanhj Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=7dd941a7-2158-462c-65c5-4439b4e13dd5&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7dd941a7-2158-462c-65c5-4439b4e13dd5&reqId=f3d2ce33-6a32-4c56-7d26-0eae88e9fa59&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8db4c0f9f6b429253fdb2c52c8b3bafc.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
analytics.factor.ua
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bs.serving-sys.com
buhgalter.com.ua
c1.adform.net
c2shb.ssp.yahoo.com
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cs.admanmedia.com
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
engine.widespace.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsonip.com
lm.serving-sys.com
loada.exelator.com
loadercdn.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.zmctrack.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cs.admanmedia.com
googlecm.hit.gemius.pl
sync.mathtag.com
103.229.206.240
104.109.78.125
104.18.12.76
104.18.13.76
104.18.133.145
104.18.19.126
104.75.89.75
104.76.200.221
108.157.4.25
136.144.183.196
141.94.171.212
141.94.171.214
141.94.242.206
142.250.184.226
142.250.185.226
151.101.65.108
151.101.66.49
162.19.138.118
162.55.233.29
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.193.195.35
18.194.110.242
185.172.90.251
185.184.8.90
185.187.81.40
185.255.84.153
185.64.189.110
185.64.189.112
185.80.39.216
185.86.137.110
185.94.180.126
195.5.165.20
198.47.127.19
198.47.127.20
2.16.186.35
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.191.163.210
212.82.100.182
213.155.156.180
213.19.147.44
216.58.212.130
23.35.236.201
2600:1f16:e61:3f01:9802:108e:78ba:29ea
2600:3c01::f03c:91ff:fe79:43b
2602:803:c003:200::61
2606:4700:10::6816:1857
2606:4700:20::681a:ad1
2606:4700::6810:5814
2606:4700::6812:19ad
2606:4700:e2::ac40:850f
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a02:26f0:1700:c::1737:6e45
2a02:26f0:1700:c::1737:6e47
2a02:6ea0:c700::21
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a05:d018:d29:3602:1e36:6736:c41a:e1de
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
2a0c:5c81:5142::2
3.126.154.37
3.67.219.61
3.69.126.235
3.73.221.153
34.102.253.54
34.111.131.239
34.149.50.64
34.231.120.233
34.249.157.182
34.95.81.168
34.98.67.61
35.157.246.167
35.204.74.118
35.214.236.176
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.6.246
37.157.6.248
37.157.6.253
37.252.171.53
37.252.171.84
45.133.44.4
5.161.54.172
51.83.220.94
51.89.9.253
52.0.57.188
52.223.40.198
52.46.151.131
52.48.137.153
52.95.118.179
54.171.64.74
54.220.51.208
54.78.254.47
54.93.123.108
62.149.1.122
63.251.232.165
63.32.244.82
63.34.132.59
64.202.112.223
66.155.71.149
67.202.105.23
69.173.144.138
69.173.144.165
85.114.159.93
95.170.82.90
96.16.141.156
99.81.33.254
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
069fa4a53ecdae0cc19bdf1670cb417bd395f8a6992713efb2c35352d41e1100
070c6a88baf2c4343d160947a92bca770098ac95a360fddb108906450e2cf06b
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
08062237a2f036354dc3634789c4f19fb2a043eb270e11ef1cb973bfad05cae9
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0ec6ec68e76060e6e0f198370a11ad3dacf581cdd43dff9ea9f7dbb4ce9c351f
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0fe555c545ce31ccaab91b006de8641643b03a6f711ecf2f1b1a595dd55e414e
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
11fa7dd09354bb92a7a7d91957829139dcec442cf9b97425d9a09ec5b96538ee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1317cc113f88a2351f0ad0abd0cbf9452a1932ac68533a08c4854473c783d031
143b5a1b5044a13b9248e23198c41edfaab0465ba14cadcc031386d09a4cb754
152f839f1d2ed606614566a6933a38b94d57343db5762619594156d2ecb69b63
1585a63de06e86f3628396b28041a5cfc5b364764172ad98d48edc6c75649e76
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
1965ab898ac65a6f70b092acbbbe9a86e01feaf039a32d82b97e96d3e2e98941
1a94513c00f154dcc1d95e5a7147e961e0e57d5553e30f95dfdc62bc912b90cd
1bbfd61c97a054036bf74ad64cf26a5fdd5ee76532654241cb14cf5d64577b0c
1be0d5413a37ceb76ac7616b5f3174315878e50e52835c67c97d69df9e98e273
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb
1d5558c71a83bc4733ab379e94c9799216c3c1a5cb90c6dc4f937f788e7f1559
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
23e8a3b1252dc6dbba72ed3e85f470ff7272b0feede620c5656805d2616e1fa6
23f0661ae223a88b368c6d1fc5f21ddeda89c000c1540abe9ea36e923d355062
24c8e6876d97d0788bdac327fbe14458c5b87b9dd8497c81aa2e95e71153306b
24cf3401a026a6badaa51cf22fc122483fd3e44877e0091060a55813d49e6ef0
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d
258d50dbf4cab23137a3412959435104c330684a7ccc9dc1ce428bc51231901d
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
26e4bc69cfd0679a29a6a025a24ee83101e9e07099cd32d3e304c48cad7fb383
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b
285edc335fb41a9377365e2c594776895ef1c517630a0fc924451bfebe8b8296
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2d505760a7beeb8e418aef95037d4bf0e83040a32de39ac3cf9e70aae9fdf30b
2de059c14703eb5c8982ab9b19ee3af6e8c8206d776c065965cdbb465b2c6d84
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4bdaba2cc68f8c489f5ac20ab4e40ee82a2aca3c3fffe89c213f0ff849688
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
37f376a73f39392070af85e39ac5c6be73777dcebf401a4d485b0465eb23b0cd
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3a7fe21fbdc30a51c25ce995ca92497fc92d1b9800c52073de554863621625ef
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d3e7dce58c425ccb9ad454a71f52998cc9ed166ad0d90d73df8819b0eb268f9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebb42a42d0bde44e111a2d63ff241f9bcc3799a9e411c92e1ed76df2c42d5d3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4007561f50fbe870e767d5b1f455574b5e1fa44d6ed996f1fd16daf6f34b3f56
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4871f1a4b49f6f833392c1c86533273da7cde1fe452d8c518592dbdc4e9bf29c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfae8a212bb009d6f937a0041b20247352ff3d7bb6aacd4b3b0447d19b55df7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
502fcfda991f98acde09ee183528df604daa89077ffdc15004838e009ba00d33
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
535946a252c40c77ab43e14058f88b772ba7c0e1af48a832762e03f8d61de97f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545cb5d644d893e88fa4e11657a3c087a512641326f8125766280d0c1d9dec40
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf
5a7574d6c4f16ba782edc2cda407bc438b52dd81bccbbedb647cf318854cb3d5
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
5f09cdc828de6fb873d19ba69903074f0ed9092960b885e3be1569df45160c6f
601ef7449dc95e639cc066e45cfc66233a9bd38bf4e24decac0d3375c7e29a6c
60a551bf04769370c83a351ff34465d0f0c31d387c3755237de766e66a223e9a
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
681e9eca26f5da24a3fca2ec30e0a1615deb2ee5e6e843117ac82489022500ca
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701
70fd72f7d3cde0e0d476edf7c562646b029a0f78d3f430475434dee123d5f5d6
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
725c2afbd8a90a3dd2ef89f647d3fa090bfee275f98e0e3502a7779f42a5e16f
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7525c9a65786a8363d1fdbec81ae589180465e75db385445e7e0603ec54aa0c3
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
7565e0142ebd9f54c2ff452f90ef96a06b35ed67b20689e69abb801a77923fe8
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
78fdf1ca5c35b334ce8b24a0264271f2f5a6329272a9c64c455a654614979847
7b39675aae03b1051c7a4f604f4ba06543bd6e1fb5e5206be310ebf926bee7ef
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7c7733a7e768a71fda4b684ab4a9ef7e318600a519671e965be98ab6960c07d0
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
7dd25d04429575c13f1c5b0e13e65fa7bb8d8e2035fbe3194c5eecc7bfbb7f29
7fa2dc82324a628f7b1f6e555fc90d3cdc3f8a0cf20e727bfeb967d302b58cf5
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d5505ada1e5854e102770c16f194cfd07b91f4e0b537d56c6102d177c5bb70
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
84e0875f56455b8337949d7447a131aa48791ade7f793447339048ddab9b8f16
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
89ebc4f90c46f332dc50e0587d30b6ba6f3c2ee2ad73fd303508c48996012dd8
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d820c5c4178b5dab7238d8836c5d8fd666bca88d16cab359e343f52272739e8
8ec5bd4e68091bb43fe87be05228cbc56e134f25555c71914b9bca20dd83fb94
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
924339eded485f251c61823b9a3a3785a2ee6655fc8f6d8cb14bb5636ca076b8
937347f7c164f8e01afd5ebf1a1096c0397ab2fdcffaeac813a96100d67dd580
94463a219c41f4bf2e6e50b2e43375884d2d062c3edef9ad87a7c55f2a84846e
9470cefc06f77a5d581924356175da48eae11ea730fa49ee52b3485780cce50e
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a467f82075614b11fd7b0ec72010f8387c6ad66cdee4c8971384f0c28d6d186
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a6472dfc80c8f802f77d5064919c2a55627874b498be25b655ffd9a6c80a432c
a6e139420501c07877ec62682f783b60662ae4dc43f08c03fb16d7c45871981e
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b
a76b33dac4c383bcc7a25318187f835ba0e1e8ba18eb68a53ac4a7144ab8a36f
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8
ac2981f24edf55887ee6a667bf1d0234e3de3fcbea3ee3bb1aed214b2ff3e0fa
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b466c1db4704e7378f48b5f8b6883f2487f52758dfc48c2ca604b25cb5ac8856
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b5bc2ffb01d5a2cc94dca3b37aa5042386731aebb441b5f1f548cc7eef0a0885
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b67de69ac38ef466efce7caad06bb16a15142c1a28b4889a380eacfa684c3e20
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
b856b041a9d49584925e619dd339d53a96e49e2e998059ee57d934a583d1421c
bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c
bc74e2c1a748e40c4f6e9236068f32592f3b84435d06766101f4a456b9d49ee4
c17ad4d252a901fe536cfa477eb785d99a6a27cb86a2be017b32750e908fd61e
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c6edfb7c948f22551441519f9f274eebea903edeca3b4ac53356eefb34df2fcf
c8726cd8cb2197ffa7ff14488818c07eb30ae350e3ddcce4642e56a2b864cb57
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63
cc023eeba3f8f45637a71c615b0c02ed2ee17aa1d4f3bd4c6956315fb5d1b1ef
cc58e1bb42c5dccfdd5de12d5559b7c28f31eeaefe615714d9cf964437504106
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d57d9b0ec43302abd831b7baa5dd82223b11d3691aa9d123e3c63a784a45d15d
d5e30983e240508587941ff5cd02b3427418c884c69c48587b9390eb4a2fd43e
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d700ae77216a20a48ecfe5b065869f22113029c0398a66c567e7d097a788033d
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
d99afc14ad1bc9abfe0246c93f4d8b4bf075efc128f4f4a6f5f2261a71454c5a
dad7fcdff59738b281018aeabbaab227d9eb602acdbef9c6ffc25a512341f61c
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c
db25cc3dc4d02b365412b1014ae2b3ec47f3e670fdb31c012f38288222e60492
dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e0d05cdd713850472fd456ab68a7b974b5681aab4165d5da7e832955da0e9b8f
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280
e33ae4ac9e22b7092fb0c84c566799270dfa4e1210213a2bc9868b5ef43ec62a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2
e3e6a01be2cdcfdad712654ba549b3b69fd95bab59b04dfb9161cae975a58cc4
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e7cc82c2f80285dc5822ad6e9412f3a6fe431c52bf88f2d37342a7f562f7a9c9
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ec9a6a134495fc31016482ce1ce0d49e93109e58c7309c7480f667c59e9a1221
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
ed32338f4a079121b1a1f1522c5b14d2375f417189dbd4ab6152bdfae84ebe77
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb33eb1b288153ae6f7e4ae1c0138f8bd39401789dce83bd7dab34986bf8d74
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330
f146d2ce47755c02e9da1d068674194cda04199554231cba412849cd943fc72a
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f8ba37da1ee4d52bb2b9febb0e0375b7243505124cdce6c94328d11640ff785e
f9bad2aecfdb39fb2e9264866ab025389bfb131dd233074ca01b82ba4ad86bda
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fafa5479d243e29bf383205610f403dc1e1e77825397efb346e27970b6d21141
fb43b5ce4c02877bfc43b15a4817e5955e3fa594c7b1b6f9dd7a0316c0b7961e
fbbdd11e5206d320d0fb1bb5e15ebb724e743c6c8fb9871e2536c96d43fb7e4c
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
fe62ea519a5ecbde97359fbb46aa01d61e754a1bc7b8aa9e8d7214718af3b773
ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

buhgalter.com.ua Open in urlscan Pro 136.144.183.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

425 Requests

82 %HTTPS

31 %IPv6

98 Domains

146 Subdomains

107 IPs

14 Countries

5305 kBTransfer

10086 kBSize

127 Cookies

14 Outgoing links

Page URL History

Redirected requests

425 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 87 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Screenshot
Live screenshot

Full Image

425
Requests

82 %
HTTPS

31 %
IPv6

98
Domains

146
Subdomains

107
IPs

14
Countries

5305 kB
Transfer

10086 kB
Size

127
Cookies

425 HTTP transactions
87 data transactions