jweinercpas.com Open in urlscan Pro
2606:4700:3030::ac43:9caf Public Scan

Go To Rescan
Add Verdict Report

URL:
http://jweinercpas.com/
Submission: On December 10 via api (December 10th 2023, 1:07:32 am UTC) from US — Scanned from US

Summary HTTP 98 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 51 domains to perform 98 HTTP transactions. The main IP is 2606:4700:3030::ac43:9caf, located in United States and belongs to CLOUDFLARENET, US. The main domain is jweinercpas.com.

This is the only time jweinercpas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3030::ac43:9caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	172.67.36.70 172.67.36.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
5	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2 12	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
5	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 5	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	23.204.152.38 23.204.152.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	3.210.80.44 3.210.80.44	14618 (AMAZON-AES) (AMAZON-AES)
1	23.215.41.148 23.215.41.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.156.237.51 35.156.237.51	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.136 23.105.12.136	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	3.140.180.43 3.140.180.43	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	3.225.254.35 3.225.254.35	14618 (AMAZON-AES) (AMAZON-AES)
2	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	99.81.243.254 99.81.243.254	16509 (AMAZON-02) (AMAZON-02)
1	52.92.3.40 52.92.3.40	16509 (AMAZON-02) (AMAZON-02)
1	44.218.245.106 44.218.245.106	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.224.214.106 13.224.214.106	16509 (AMAZON-02) (AMAZON-02)
2 3	52.16.120.138 52.16.120.138	16509 (AMAZON-02) (AMAZON-02)
2 2	18.206.67.229 18.206.67.229	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.224.214.26 13.224.214.26	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.221.60.142 54.221.60.142	14618 (AMAZON-AES) (AMAZON-AES)
3 4	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.51.53.155 23.51.53.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:25c... 2600:9000:25c8:b200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	18.208.73.39 18.208.73.39	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	34.235.210.13 34.235.210.13	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
98	39

23 2606:4700:3030::ac43:9caf (United States)

ASN13335 (CLOUDFLARENET, US)

jweinercpas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.36.70 (United States)

ASN13335 (CLOUDFLARENET, US)

lift.opensnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blizzard.opensnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.164 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.152.38 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-38.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.210.80.44 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-80-44.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.41.148 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-41-148.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.237.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-237-51.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.136 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.180.43 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-180-43.us-east-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.174.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.254.35 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-254-35.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.69.85 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.243.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.3.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.218.245.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-245-106.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (Plainview, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-106.phl50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.120.138 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-120-138.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.206.67.229 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-67-229.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.26 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-26.phl50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.221.60.142 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-60-142.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.116 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.53.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-53-155.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:b200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.73.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-73-39.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.210.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-210-13.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	jweinercpas.com jweinercpas.com	1017 KB
17	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6115 a2.adform.net — Cisco Umbrella Rank: 8098 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870	43 KB
16	opensnow.com lift.opensnow.com — Cisco Umbrella Rank: 276864 blizzard.opensnow.com — Cisco Umbrella Rank: 264178	3 MB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	72 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425	5 KB
4	adsrvr.org 4 redirects insight.adsrvr.org — Cisco Umbrella Rank: 557 match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 666 ice.360yield.com — Cisco Umbrella Rank: 1817	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	876 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	706 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	159 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	717 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	969 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	628 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2473	490 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	792 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	836 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	889 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	815 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 token.rubiconproject.com — Cisco Umbrella Rank: 461	1 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1491	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23748	49 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	452 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	511 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	278 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	647 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	443 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	470 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	633 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	386 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	634 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	668 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	400 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	659 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 20484	457 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
98	51

	Domain	Requested by
23	jweinercpas.com	jweinercpas.com
11	blizzard.opensnow.com	jweinercpas.com
9	c1.adform.net	1 redirects a2.adform.net c1.adform.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com jweinercpas.com
5	lift.opensnow.com	jweinercpas.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	match.adsrvr.org	3 redirects
3	ib.adnxs.com	3 redirects
3	a2.adform.net	1 redirects jweinercpas.com s2.adform.net
3	www.googletagmanager.com	jweinercpas.com www.googletagmanager.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ice.360yield.com	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	secure.adnxs.com	1 redirects c1.adform.net
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com jweinercpas.com
2	analytics.google.com	www.googletagmanager.com
1	www.google.com	jweinercpas.com
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.targeting.unrulymedia.com	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	load77.exelator.com	c1.adform.net
1	visitor.omnitagjs.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	hb.yahoo.net	a2.adform.net
1	pixel.rubiconproject.com	1 redirects
1	insight.adsrvr.org	1 redirects
1	a1.seadform.net	jweinercpas.com
1	s2.adform.net	jweinercpas.com
0	global.ib-ibi.com Failed	c1.adform.net
98	62

This site contains links to these domains. Also see Links.

Domain
support.opensnow.com
lift.opensnow.com
open.spotify.com
opensnow.com
shop.opensnow.com
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
x.com
www.youtube.com

Subject Issuer	Validity	Valid
lift.opensnow.com E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-13`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://jweinercpas.com/
Frame ID: 20B715B6C0993873E298A1CA9A713423
Requests: 56 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1067976644&cpref=&loc=http%3a%2f%2fjweinercpas.com%2f
Frame ID: 089D44FCE88464380A2352EE196B0110
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Frame ID: E6AAB06E9C252DDB4F15495AFCC6A8C1
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OpenSnow: Weather Forecasts & Snow Reports | OpenSnow

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

98
Requests

51 %
HTTPS

17 %
IPv6

51
Domains

62
Subdomains

39
IPs

6
Countries

4350 kB
Transfer

6972 kB
Size

77
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://support.opensnow.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385681189a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Email Storm Updates

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385683119a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite Ski Resort List

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1638569439626994d88c643b194c5f1f55e17d141c.png
Title: Full Daily Snow Forecast

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1639055555626994d88c643b194c5f1f55e17d141c.png
Title: 10-Day Snow Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16713760949a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Save Forecasts Anywhere on Earth

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385698009a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: 5-Day Hourly Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385683999a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Favorite Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385690709a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: High-Resolution Weather Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811662459a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: 10-Day Historical Weather

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385699198266e4bfeda1bd42d8f9794eb4ea0a13.png
Title: Custom Powder Alerts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385700479a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite & Offline Trail Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811665129a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Season Snowfall

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16390567909a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Favorite & Timelapse Cams

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385705249a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Snowpack Graphs

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/1638570541626994d88c643b194c5f1f55e17d141c.png
Title: Historical Snow Reports

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16811663859a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Estimated Trail Conditions

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16717348999a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Offline Satellite & Terrain Maps

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385679979a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Hourly Forecasts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385685089a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Forecasts for Mountains

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385686049a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Expert Forecasters

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385688349a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Day & Night Snow Forecast

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385711709a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Backcountry Snow Reports

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385708499a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Forecast & Report Alerts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385695689a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Nearby Ski Resorts

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385695089a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Season Passes

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16390568869a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Compare Snow Stake Cams

Search URL Search Domain Scan URL

URL: https://lift.opensnow.com/hosted-files/16385682079a83e00ab16be8cb1008e67fdbdbfeb4.png
Title: Offline Trail Maps

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/getting-started
Title: Getting Started

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/feature-guides
Title: Feature Guides

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/2hDI6YOg6PLXUKYoOrWV1s?si=dVM_oEi6TfmqlyHmzLEqVw&nd=1
Title: Flakes Podcast

Search URL Search Domain Scan URL

URL: https://opensnow.com/news/post/opensnow-electricity-usage-100-renewable
Title: Climate

Search URL Search Domain Scan URL

URL: https://shop.opensnow.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://support.opensnow.com/contact-us/advertising-on-opensnow
Title: Advertise

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/opensnow-ski-forecasts-reports/id780890907?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.opensnow.android

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OpenSnow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opensnow/

Search URL Search Domain Scan URL

URL: https://x.com/OpenSnow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Open-Snow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 52

https://insight.adsrvr.org/track/pxl/?adv=s0gqw47&ct=0:md2k8zv&fmt=3 HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D81d0642c-a0f6-43a7-a53f-a9b7a4c3933a HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8865539027973279301&ttd_tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yamxaTmExRTJ1RXU5NjdINzd2TGtzQkJiajdkalNKMn5B&gdpr=0&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&dpid=55953

Request Chain 58

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=972156233504487137&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=2336191261542622197

Request Chain 60

https://x.bidswitch.net/sync?dsp_id=70&user_id=972156233504487137 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=972156233504487137 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=29d8609b-c201-4a58-a50f-de0428a6d83f&name=BIDSWITCH&gdpr=&gdpr_consent=

Request Chain 61

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046&C=1

Request Chain 62

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=972156233504487137&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=972156233504487137&sInitiator=external

Request Chain 63

https://ps.eyeota.net/match?uid=972156233504487137&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=972156233504487137&bid=9gdtmu1

Request Chain 64

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=972156233504487137 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=972156233504487137&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 65

https://idsync.rlcdn.com/398366.gif?partner_uid=972156233504487137 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSOTcyMTU2MjMzNTA0NDg3MTM3EAAaDQjOntSrBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806&expected_cookie=aeb3278d-287a-4605-a694-0396f895da3a

Request Chain 66

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent=

Request Chain 68

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=972156233504487137 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=972156233504487137

Request Chain 69

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTcyMTU2MjMzNTA0NDg3MTM3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTcyMTU2MjMzNTA0NDg3MTM3&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENUehwKUKO-N5wjFSLAvZB4&google_cver=1&google_ula=1641347,0

Request Chain 73

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8865539027973279301&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=972156233504487137

Request Chain 76

https://a.audrte.com/a?adform_uid=972156233504487137 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGw1UzRnck4wTXhUSUs5NTF5bi1IZXRpQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 77

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=972156233504487137&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=972156233504487137&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=00617673387515775053565078690299351445&noredirect=1

Request Chain 78

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=972156233504487137 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214050604726000646785

Request Chain 79

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766402091939992

Request Chain 81

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=MrRg3rCg1Rc8i35

Request Chain 82

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a

Request Chain 84

https://id5-sync.com/s/10/0.gif?puid=972156233504487137 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=972156233504487137&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=8865539027973279301&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-13d7OVRLPT_ls65XO0HbaaWCBYOoMIKQiVXKveLuxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-13d7OVRLPT_ls65XO0HbaaWCBYOoMIKQiVXKveLuxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=c6b55dd0-a765-4f70-b422-945d7d0734bf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 85

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2033298184 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5sYLAkorjaBg1lj8bWm4ne

Request Chain 87

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=972156233504487137 HTTP 302
https://sync.1rx.io/usersync/smaato/e0ebe14000?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/smaato/e0ebe14000?zcc=1&cb=1702170448107 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005

Request Chain 90

https://eb2.3lift.com/xuid?mid=7354&xuid=972156233504487137&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=972156233504487137&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jweinercpas.com/ 249 KB
42 KB 311ms
229ms Document
text/html 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1e289c88271062a8795449bbd1271584a33681928e6880f17274212bc92b27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 833197404cdc029b-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Dec 2023 01:07:25 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHYDIcgxMYFCEow7TVojNK7K%2Bu3V9YfmvCSb6uPMu6fNR3ocaxgRFW3ulV5bqEJh%2FRqfgEzaMnyQhNKpjXEOrppiIHXKwY2GxDQ%2FZK2njYVxB4I4tOC2uC5XMbBHBhZf7b8JV7bx2UZ8Rm%2B339E%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 9dd2bc8.modern.js Show response
jweinercpas.com/_nuxt/ 7 KB
4 KB 84ms
78ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5aeb8c8c0267952aab0edcdbcaca676f1e7fea4dc7494f61eed3187a3bd0cf0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"1a84-18c26def052"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQces1WVNHv3dnRaT%2FpjYmm%2FM09647qevhnxhTHQUl%2F%2F2WdEE23%2BqxckzyIy5teV6RFq8w53nFHeKaYRswZKijKE4KQvqYYQ2BgBMBnn0vusC5CKGK77WsF5hgBZRpGMCoeS8Z1jqnLeF11mQT8%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319741cebe029b-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK df01377.modern.js Show response
jweinercpas.com/_nuxt/ 238 KB
82 KB 164ms
131ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/df01377.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c51d4cce1b3d937dd07e5f0069956444009219cbcb84ce64c4e3f424129b37f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"3b8de-18c26def02e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiUz3SgOXP70gmXutFIopKK7S3iiaYiEVnEMHhqGmtrlCIqOfrwcz0YqBCoCYcNNWFJbVC7qH%2BjiO3ACuHdm7uY73pHDIkosq%2BQzKW%2F5b7nedPwD4GEdmnb91xPYfirpkJbXduZlZIpXX3T2sFQ%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319741fd0fdacd-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 0c5590b.modern.js Show response
jweinercpas.com/_nuxt/ 2 MB
539 KB 158ms
125ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/0c5590b.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1fc549c6d8e6989bf6f99b7f6d8c37ec37a308d56443916e32acac5b700d0a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"1d9598-18c26def052"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgjueY1UupNb0m5VttaXd5lcUQSBSWL9Yn7JbsPl94RYQGq60DxG2EkX582gqSaICU1j%2FnmyV3Vt8qd63lbkEHbgVrNMPo7dYRrNHkYF1CULMnld1BFQKOqNtk%2B63lN9yHACXOLy3h2VDW%2Bf%2Fqg%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319741f92edab1-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 2d5f4e5.modern.js Show response
jweinercpas.com/_nuxt/ 276 KB
70 KB 122ms
89ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/2d5f4e5.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5315d79b321941d03af635d0245c1611641b3d340b4c209d2ee285656b59331

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"450e4-18c26def02e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jE4PD5wcNxTx38scQfZz56cS6%2BgJpMNlXgezUgAkTs4ATfDyj8cXGJJHKBuDsUHyPeWWnxanHrpzlDNg31%2F47OE3aX6tQb%2FIUpgXBqZltRS%2BtOH8x3d18clRKUKcJNXrRshhHMrJ9kltGcfb0Dk%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319741fed867ea-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 93f62bb.modern.js Show response
jweinercpas.com/_nuxt/ 601 B
1 KB 158ms
124ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/93f62bb.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f0e091355582c24408b588172b53b25fe4313597dd1b3ed12bdd912ecdd752

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"259-18c26def042"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MiQgl7iCpk94xkdfFOHLuuvvFBsQzUwDpF4aokqPA0NHp44eUt0lThg2G9uCEBw89oEFI5WCTnefWFd75OcwNAGhuf%2Fj%2Fr7UUjB0s0uUtWO9FAK9CXNM2Bi4PhpuRCUkdo3y8LybYGFYLnbQlU%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197420d968deb-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 65e7b16.modern.js Show response
jweinercpas.com/_nuxt/ 15 KB
5 KB 126ms
92ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/65e7b16.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ca0ce3e768c90fe2293f173d7b9194fb3c341c2054f4a14a211e0aec7a99dc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"3d3c-18c26def02a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlNAMkM2Lz8JFsj0nU2LDFchY9n9QhAGtSKHEz7X7NpkItiY1cSmfkqLwGC2CR%2BvH4YvNtoP1%2BbH37uHEFXzM5%2FZD8dDfB44AylbVa8JCTeDlcR6WbC9av7rZu7whF%2B8GLwqXChEkD%2FnJUIa%2FeQ%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319741fc032251-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK badea62.modern.js Show response
jweinercpas.com/_nuxt/ 26 KB
7 KB 250ms
83ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/badea62.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848f214321332e0760959f6238b9ae525b43efbbb86cd6b2ea8651a91314a0ee

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"69e9-18c26def02a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njybR2ukHIc9Y1zlNX1hEQoqwqA1%2FVuoyRCKSop2Q2dNNmIzH9t44T5YKJwhuvEbWB63Itr8xeMYlV3Dyh7MbXTS%2F8Wj8L9Yvvps2qUWPFXkPOQjLgZGTtfcVE8bcOWl2SNDmIszxxK%2F%2Fp3UbTg%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 83319742c864029b-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 0450f27.modern.js Show response
jweinercpas.com/_nuxt/ 35 KB
10 KB 278ms
78ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/0450f27.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403e2888f51e94d47e2036cecf5c185aa50e749f793860f6f1f9ec795babbca1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"8a71-18c26def02a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsE7fypm1Iy4gEf%2Foeflwg1CHMziP4dkmyNd0XBoz%2B%2BObK%2B7lWMmFoBZhmGdWkjUfPB6s0xeWyKNzVBAee81zl7jSnQRpbvP1w1xbhS4s4NB%2B85LxHZ9XqRCGIrpM9KgxLPxRbQSrxaHIQxyw14%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197430eeedacd-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK OpenSnowLogo.7fe2d19.png
jweinercpas.com/_nuxt/img/ 8 KB
9 KB 191ms
82ms Image
image/png 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jweinercpas.com/_nuxt/img/OpenSnowLogo.7fe2d19.png
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e11547653298afecff82a44a6a4e43c66a8d0ff42c95f4dfdb8506c593f360

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"202b-18c26def026"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzqxBhcbLCu4lYFjXTKyBPjHZaBDRvXNOF6DIKmAV%2FFV7tCwejYxaPGCKXoPwe2h4bWf%2FSgvtDG4KI1lPYnM%2Fi%2Bau1%2BVNOd5HqKIZXnbSWsQ0VvMqgQzs%2BmsgOLBoAlzufDUZGd2Nvihxu%2FQaRY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 833197431d5c2251-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 8235

GET
H2 200 16717374939a83e00ab16be8cb1008e67fdbdbfeb4.png
lift.opensnow.com/hosted-files/ 289 KB
289 KB 235ms
136ms Image
image/png 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16717374939a83e00ab16be8cb1008e67fdbdbfeb4.png

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18fabf6388c12071b501c47d4fb577d69ebd92e4d2a366b597169326c568b4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx0000000000000571b12e8-00654e23b8-4d30364f-nyc3b
cf-polished: origSize=301149, status=vary_header_present
surrogate-control: max-age=514;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 295531
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 14:38:32 GMT
server: cloudflare
etag: "ccd4da9799f7f8965fd27a0d73f4b58d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699622854.cdn4-pxy039-mia02.mi1.evs,1699622854.cds233.mi1.c
content-type: image/png
cache-control: max-age=514
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 83319742bab131e0-MIA

GET
H2 200 16713760949a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png
lift.opensnow.com/hosted-files/ 291 KB
292 KB 234ms
135ms Image
image/png 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16713760949a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65edc71d51741e0f98b68e5b2bcc4bd9b128e0c45b9a9261b8080246073700fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000000000005adc2eb9-0065518f9b-4cff3ece-nyc3b
cf-polished: origSize=301187, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 298272
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "9b37da1eaf4d7c34b213a19f9f57383f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 83319742bab431e0-MIA

GET
H2 200 16714083499a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png
lift.opensnow.com/hosted-files/ 127 KB
128 KB 235ms
137ms Image
image/png 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16714083499a83e00ab16be8cb1008e67fdbdbfeb4-338x658.png

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4d63722cba32ac8477fc2fb6c1aee244f12e7909279473fce483885db65a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx000000000000071ca9c31-00656a23c2-4d33653d-nyc3b
cf-polished: origSize=132818, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 130529
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "7144b711229a6fe3466039d62cce8591"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 83319742bab231e0-MIA

GET
H2 200 1671376244c6d6bd4a06053521455476923b6d6fe8-338x658.png
lift.opensnow.com/hosted-files/ 327 KB
327 KB 199ms
101ms Image
image/png 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/1671376244c6d6bd4a06053521455476923b6d6fe8-338x658.png

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aeaabf264d02ce7dae505d49c9f4c8d134957c665804414a27f017402846496

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx000000000000060fef099-006557cf8f-4d35fff7-nyc3b
cf-polished: origSize=337308, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 334432
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Dec 2022 17:10:22 GMT
server: cloudflare
etag: "fb086090e69eb907a6ba14939472af91"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c6b28816-f904-4e9d-8046-a85ca3ad71b0
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 83319742bab531e0-MIA

GET
H2 200 16714089119a83e00ab16be8cb1008e67fdbdbfeb4.png
lift.opensnow.com/hosted-files/ 297 KB
298 KB 234ms
136ms Image
image/png 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lift.opensnow.com/hosted-files/16714089119a83e00ab16be8cb1008e67fdbdbfeb4.png

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbbbb63ebb16a0a04a4124202d8a3a8171beab5091e7490771a0ed9ea8529d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
strict-transport-security: max-age=5184000
cf-cache-status: REVALIDATED
x-amz-request-id: tx000000000000059f0c4e5-006550be06-4d30364f-nyc3b
cf-polished: origSize=309127, status=vary_header_present
surrogate-control: max-age=3600;hw-h2proxy
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 304334
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Dec 2022 22:08:59 GMT
server: cloudflare
etag: "c9593e720d5974a5fe457484118448a3"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699790342.cdn4-pxy046-mia02.mi1.evs,1699790342.cds051.mi1.pr
content-type: image/png
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 83319742bab631e0-MIA

GET
H/1.1 200
OK OpenSnowLogoMarkWhite.a8077ab.png
jweinercpas.com/_nuxt/img/ 3 KB
4 KB 91ms
87ms Image
image/png 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jweinercpas.com/_nuxt/img/OpenSnowLogoMarkWhite.a8077ab.png
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5885c19a11810454ba5fcd8b8aa48aab877177b59b9f9ee585d60edbb9a3a38

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"bf1-18c26def026"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um5GQcsLVE9Ad8m50rC81uz4qTkK3utH6IqzR4N4zRrg5aen3EnfsKQcw60b4OLfffjm18Eexa6lfJlshY5yvYyBrnjv2xDw%2B3T8P3T3dR6ytdyJTm91lq0f47bD%2Fb6ysTgUCYx6%2B8hRIlgQjBY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 833197435f898deb-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 3057

GET
H/1.1 200
OK appstore_black.276d3bd.png
jweinercpas.com/_nuxt/img/ 22 KB
22 KB 84ms
83ms Image
image/png 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jweinercpas.com/_nuxt/img/appstore_black.276d3bd.png
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ea22a13907d6b2b10444886948b9884ae0ebfaa61514ddddac28c8240eaa8a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"5648-18c26def026"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FIa8J78KqfN%2BacHe254mpBSvQeqy8CA0sBlfqcQW0ZOvJ1T71BGvtlKtyDjyCj8GfcCNz8LjhZ4G8jPXzBl3Y3at6mDc5eGdNoDjQ5VaC8ycz5mijhrnxwW1oZXHgq%2FIQtrhSN7bxe2SGYrK%2BA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 833197435957029b-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 22088

GET
H/1.1 200
OK play_store.63889ce.png
jweinercpas.com/_nuxt/img/ 36 KB
36 KB 90ms
90ms Image
image/png 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jweinercpas.com/_nuxt/img/play_store.63889ce.png
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fe05f92cebfacc6ef600f19789f5b69f91d97f7a5ad3e5fe650871daffd001

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"8efe-18c26def026"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41WK52alGDE9Fv%2BJwO1MpT6WB7YAIG1tXffBFIfa4rhzBwVWe3hZfFtxM%2FymuLANlZt%2BbitTXKp6mFgVd%2FKserhhTdslaJRxJ4UMunjWNcHB0106DkD%2FLx2y2337fob6kPITPfJPjSCF7l%2BqHAc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 83319743ae1d2251-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 36606

GET
H2 200 home-background-2018.jpg
blizzard.opensnow.com/images/home-page/ 353 KB
353 KB 239ms
131ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/home-background-2018.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bf012ab5ca793d7fba90caba09df22549232f06fbc94f465e439c524e8f2b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 4216456f9f9a0759c32817701904c2f86db576d4
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=411297
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 361313
x-served-by: cache-mia-kmia1760085-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: ECB6:5D27:5E8296:80054A:656726A8
x-timer: S1701258921.298767,VS0,VE144
server: cloudflare
etag: "654e7b9d-646a1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 83319742caa4db21-MIA
expires: Sun, 10 Dec 2023 01:17:25 GMT

GET
H2 200 forecast-anywhere.jpg
blizzard.opensnow.com/images/home-page/ 223 KB
223 KB 268ms
161ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/forecast-anywhere.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de99dc904811f66430b0fe92fd3ab948324c8a2193c57af4c22a8d17298f9c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 3b4f9343fbb66a3e9e53313d12446ea06a678662
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=246145
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 228360
x-served-by: cache-mia-kmia1760058-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: 289A:1028:6454CC:879B39:654EA12A
x-timer: S1699651883.665476,VS0,VE218
server: cloudflare
etag: "654e7b9d-3c181"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 83319742caa7db21-MIA
expires: Sun, 10 Dec 2023 01:17:25 GMT

GET
H2 200 daily-analysis.jpg
blizzard.opensnow.com/images/home-page/ 328 KB
329 KB 349ms
242ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/daily-analysis.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c81e8e5e007de22f35802bfb95296a8843c524b73e8d6f90c5970737d6e364

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: afe311cbb813a272d6d7da033527b3c5b4ccead2
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=359415
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 335620
x-served-by: cache-mia-kmia1760038-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: C36E:4D6B:2E52DB2:3C7712F:654EA12B
x-timer: S1699651883.112524,VS0,VE222
server: cloudflare
etag: "654e7b9d-57bf7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 83319742caacdb21-MIA
expires: Sun, 10 Dec 2023 01:17:25 GMT

GET
H2 200 track-storms.jpg
blizzard.opensnow.com/images/home-page/ 380 KB
380 KB 268ms
162ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/track-storms.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79308377b6156ba4937585153d3fe3e000df29c547b5d45125c870f408f36763

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 285844fbcbd5714fa3192907636aa20e43b2b52b
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=410640
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 388855
x-served-by: cache-mia-kmia1760073-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: E1B8:0912:64A6E7:8614CD:656726A8
x-timer: S1701258921.303141,VS0,VE140
server: cloudflare
etag: "654e7b9d-64410"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 83319742caaadb21-MIA
expires: Sun, 10 Dec 2023 01:17:25 GMT

GET
H2 200 powder-chasing-tools.jpg
blizzard.opensnow.com/images/home-page/ 251 KB
252 KB 238ms
131ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/powder-chasing-tools.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c121c6af027b91be0707e2264a87b4bb49f6fffde5f754d8fe1c55288c3bae86

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: dd4c4f19cf86f863dcf242987d0ee4a2b453771e
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=274476
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400
content-length: 257081
x-served-by: cache-mia-kmia1760098-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: 4144:1468:699D99:860C90:656F22A0
x-timer: S1701784800.873765,VS0,VE35
server: cloudflare
etag: "654e7b9d-4302c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 83319742caaedb21-MIA
expires: Sun, 10 Dec 2023 01:17:25 GMT

GET
H2 200 trusted-by-millions.jpg
blizzard.opensnow.com/images/home-page/ 92 KB
92 KB 161ms
94ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/trusted-by-millions.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a0da6d8bbfc52263c09655649815704e199ea274f956bbda66da5a0592463d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 3974513efa892f390e0e00864c59a101c1b20d71
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: origSize=109927
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 93848
x-served-by: cache-mia-kmia1760032-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: B04C:36C6:575CC4:78B15A:6558F2EC
x-timer: S1700328174.817483,VS0,VE58
server: cloudflare
etag: "654e7b9d-1ad67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 83319742cab0db21-MIA
expires: Sat, 09 Dec 2023 13:00:34 GMT

GET
H2 200 climate-change.jpg
blizzard.opensnow.com/images/home-page/ 80 KB
81 KB 136ms
130ms Image
image/jpeg 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/images/home-page/climate-change.jpg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0872831509d835f8410fe0bc8dece319409869f4016cf2444d9960d94cc07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 46ed66ba5cd5a24c9608c69329ca807f7f59f599
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
cf-polished: degrade=85, origSize=85027
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
content-length: 82390
x-served-by: cache-mia-kmia1760039-MIA
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 18:51:09 GMT
x-github-request-id: 6412:3050:1072CB5:14C66A6:6558F2F0
x-timer: S1700328177.305882,VS0,VE34
server: cloudflare
etag: "654e7b9d-14c23"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 83319742cab3db21-MIA
expires: Sat, 09 Dec 2023 13:00:34 GMT

GET
H2 200 facebook.svg
blizzard.opensnow.com/icons/fa/brands/ 512 B
541 B 134ms
61ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/facebook.svg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 8c51439f747b71d4cc8afe3c27deae8d8dc616ff
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: MISS
strict-transport-security: max-age=5184000
expires: Tue, 05 Dec 2023 09:19:20 GMT
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-mia-kmia1760027-MIA
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: 4BBC:0E4D:568427:6D4D0E:656EE8C0
x-timer: S1702170445.336787,VS0,VE3
etag: W/"654e7b9c-200"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 833197433e690362-MIA
x-cache-hits: 1

GET
H2 200 instagram.svg
blizzard.opensnow.com/icons/fa/brands/ 1 KB
803 B 136ms
63ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/instagram.svg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544f45ef277797fbfd606b6793db6826dc8bf61612aedf3dfc0f5320d2c18be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 507663abd30f4dd9d96ff2e3b7aef53404a00933
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 05 Dec 2023 06:01:32 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-mia-kmia1760047-MIA
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: B6DA:2B84:38B4D8:4ADC23:656EBAA7
x-timer: S1702170445.334186,VS0,VE1
etag: W/"654e7b9c-492"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197433e6a0362-MIA
x-cache-hits: 1

GET
H2 200 x-twitter.svg
blizzard.opensnow.com/icons/fa/brands/ 404 B
473 B 133ms
60ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/x-twitter.svg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 388a5e83862fa11a9068a086ff07f07a5cd5a34a
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Thu, 30 Nov 2023 10:36:12 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-mia-kmia1760068-MIA
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: 3364:21D0:BB5134:101100D:65686343
x-timer: S1702170445.337729,VS0,VE1
etag: W/"654e7b9c-194"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197433e6d0362-MIA
x-cache-hits: 1

GET
H2 200 youtube.svg
blizzard.opensnow.com/icons/fa/brands/ 718 B
880 B 132ms
59ms Image
image/svg+xml 172.67.36.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blizzard.opensnow.com/icons/fa/brands/youtube.svg

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.36.70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03c1bf1b4b726d09b8d6babd5fbe3703d14bf9eaed7d0c23f9ee4d2a1dc9e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 53847cfed87cd94321e98ef966feef10f6dbbc95
date: Sun, 10 Dec 2023 01:07:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 05 Dec 2023 11:49:28 GMT
cf-cache-status: MISS
strict-transport-security: max-age=5184000
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-mia-kmia1760093-MIA
last-modified: Fri, 10 Nov 2023 18:51:08 GMT
server: cloudflare
x-github-request-id: F58A:2B70:4F2912:6946EA:656F0BF0
x-timer: S1702170445.336706,VS0,VE1
etag: W/"654e7b9c-2ce"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3600
x-origin-cache: HIT
cf-ray: 833197433e6c0362-MIA
x-cache-hits: 1

GET
H/1.1 200
OK ClearSans-Regular-webfont.c806cea.woff
jweinercpas.com/_nuxt/fonts/ 22 KB
23 KB 93ms
79ms Font
font/woff 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/fonts/ClearSans-Regular-webfont.c806cea.woff
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad16100f60b85bc3154054e1f1a6631ddfb001f1dd3df8bd3940973b441c8f1

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"5958-18c26def02a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEYPyHtw%2FsK0IShj0tUhzLrPCS3jxXn5PN730mHjGLZ0jAcIRrLMEYgEyA2NoyyTMlWsaPPML%2F1NrcUUvEF1HIr11tUzelPwirKXacZgK1YZCaJGlFTL%2F5FuK%2Fw3hVpoRBnldIBKTn90Nk71O7g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 833197424f66029b-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 22872

GET
H/1.1 200
OK ClearSans-Bold-webfont.0eb2724.woff
jweinercpas.com/_nuxt/fonts/ 23 KB
23 KB 138ms
81ms Font
font/woff 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/fonts/ClearSans-Bold-webfont.0eb2724.woff
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46e73a4a5fb0ea80b932d1aaff9a0d7150e713d670d6e51a354ccdf49e73fdb

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"5aac-18c26def02a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZFQAIYcvD56Mb3RA537x1FURgOBkZwwKOuASJY0jVwqOMeA76Bsv%2BABtdMDnNWrBZjjLvt%2B7BssupoaXmMTm0h%2Bl637Q%2BLYzlVlbuPfP48ju2UMV2lzF4oGHuESfIHMWyYhj4hmZqESpxMx8JI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 833197428cbd2251-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 23212

GET
H/1.1 200
OK ClearSans-Light-webfont.1244ed9.woff
jweinercpas.com/_nuxt/fonts/ 24 KB
25 KB 188ms
98ms Font
font/woff 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/fonts/ClearSans-Light-webfont.1244ed9.woff
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba25ccb4fb517b87d4962892d074383d41e8d6f19a590a2ebbc380587261ffd

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"6160-18c26def02a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kgppueJPtDLLJy%2F4tDH2dxwzV%2F6BVOgNQt6fyeirf8wAZX8cUK9gxsM9n%2F%2B4DtwgPEau%2BPgQSjvea3JIHajVUDT9Ke5GNp3ZZjW%2FuqFa7MBVr8T4W5l9c6M0Hst5G8eNaNLeuczdW8M%2BA9W49U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 83319742c85b67ea-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 24928

GET
H/1.1 200
OK ClearSans-Medium-webfont.72ee158.woff
jweinercpas.com/_nuxt/fonts/ 25 KB
25 KB 176ms
81ms Font
font/woff 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/fonts/ClearSans-Medium-webfont.72ee158.woff
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be05b718089dda8278a8627a2a2b5ee63f84f8f59202e9cfa52d2e171dc9602c

Request headers

Referer: http://jweinercpas.com/
Origin: http://jweinercpas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"6238-18c26def02a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EChKAjX%2FbwxW%2Fc6r1%2FKZAyFKTY8Z5JxU8Izefcf3BZqYATfr2g4P5AKOZ3gGiMDMJEDpX%2BGzEF8IeYmB7qwXqkAf%2Fh09vajGQDqciH1Fm%2BbC8vVjhK8AjBiFmpHXxSdwN4ZKpnxsKC1WgP4SsBE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 83319742cece8deb-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 25144

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 254ms
81ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/0c5590b.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d690a823793c01c0f594aaa8315cc1dad19f8f2e63340523252d95f968dc8811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:07:25 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 342ms
72ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/2d5f4e5.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:25 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK c3061eb.modern.js Show response
jweinercpas.com/_nuxt/ 139 KB
41 KB 84ms
83ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/c3061eb.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2592720dee70d19701db6fc0999a468f2ec7b0a04159993d0dcdbd4bae65a8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"22db1-18c26def052"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BPB5VeG93HAsbjl6JxJs13%2FqSNjVAia0ZHCQIpFfzd43tq2ZjJ%2BVczcimN9gpeQdEXJEzrOAGk%2Fl49rAknBseFTXqkhorQALtQ0FIxGUqS8jk74i7LdQL9BNpnmhRAFdQPC8RHs7fHmQdtr%2FvI%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 8331974578612251-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 94db150.modern.js Show response
jweinercpas.com/_nuxt/ 26 KB
9 KB 101ms
96ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/94db150.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526f2d8bfa0b9c2c3cefdcbf04b3ea9c3a7e9ecaa9f5883c0a4445e0108c635e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"67cf-18c26def02a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hl5XwUFZheRhU%2Fh3Y5zf0BwEeojn%2FH2BlQLaz%2Bj%2FJ4eO6Xm2Hsk43kWiAZsKzStKhRFHS%2BjlAqczrP1%2F7IuWGdsQe6WZfk3%2B4iYWcq0BIGAaK0SqchEUNOBGseXZXxy%2FFB%2F8UK8JV3FheXpxvE%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197472b272251-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 11fefe9.modern.js Show response
jweinercpas.com/_nuxt/ 34 KB
9 KB 96ms
95ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/11fefe9.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8968245401605aa73e6fdfbfaba12f8a6148e51f2316f9a94431fb326cb6d2c9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"895e-18c26def046"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Br%2B%2Bq%2B1HdcLDxit8pP27ct6utH%2B%2FC421TEgSZPXQMJ3S%2BFUM5dgBkJHcs5qZ7SAo1dtnLk%2FCEpmTiJpXl%2BQaPyMQpUvMRTfkfyvrscrDlFLW6dqlLwpCBGATDCZbVfy7BG5LxbXPCM%2Fl6mpCEg%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197472c058deb-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 47c8d0c.modern.js Show response
jweinercpas.com/_nuxt/ 33 KB
10 KB 86ms
85ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/47c8d0c.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d73313356fb474f170c5fa28a221202137522806c6d1d1fb5b522c8037608f6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"834c-18c26def046"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QCJDgaP4%2BfxpNLQS%2B7kt%2FceTrNkTIrJMbbnBGqnmoZ%2FqytNVdAVTvjxo7Xu%2BP4TZ9HEuHvN6A%2FZ8lB2Q%2FL3fHyB9dPow%2FMXYG4ftZ0gknU2iiPusruK6SjX8OlS3oNt3H0Y7OdMQ6v0cZK2CWY%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197472e42029b-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK ad410e4.modern.js Show response
jweinercpas.com/_nuxt/ 28 KB
8 KB 93ms
92ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/ad410e4.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e9a448efae3d151d8e5322e52f2bcdcc42032849447389a25605b82bf2fbd5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"709c-18c26def046"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZrvsA9P%2FFLoAtZQrpYazeyvXvfq4HK6%2FN5Lkqoqu%2BvhL2h4ws4p94Zd40S3Bj2NWx%2F1jWCK4cxW1TzdkAByIZfgQp72mBWOBsJH2NKVS9mvZ6LdkqYfTBAOxgd6smhpP3G9Cb6XZO4F2RVyZ2I%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197472a89dab1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 92ms
90ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b73dd917ca218745e22f9ef4bcfff5746b1d3395e9e44b6235ee05cfd3c9b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:07:26 GMT

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 116ms
115ms Script
text/html 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-GW6B21GDJ7&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 213ms
67ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26524288-1&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 23:32:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5667
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 01:32:59 GMT

GET
H/1.1 200
OK 09a1eff.modern.js Show response
jweinercpas.com/_nuxt/ 37 KB
12 KB 94ms
94ms Script
application/javascript 2606:4700:3030::ac43:9caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jweinercpas.com/_nuxt/09a1eff.modern.js
Requested by: Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/9dd2bc8.modern.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41adf3bf5eeafa510fb30f0a6e2ada66e8f00a743cc44970563a33d03d99728

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 01 Dec 2023 19:33:13 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"9546-18c26def046"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoyI68f68FCyBZnwCzTVdlHTdc8Thp49yjigprFor6kwG3oOpTxi35jbZzKpd5biYpxVB%2F3EEQ8yrYtrPro%2F7z1bWx26BfNdhFWI%2B3dtjxFZ5BibhKepCShFOQl7CzYFgKBYAQTmI5XUa7bTuMU%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 833197475d6edacd-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

1 KB
1 KB

70ms
70ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c66e2e63e2e1bd54eb1b59eba0701a17fa3c64ad29f092c6defecbada2b85333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 789
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 156ms
58ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z6F2F1ZKRY&gtm=45je3bt0v881476004&_p=1702170445540&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=711857870.1702170446&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1702170446&sct=1&seg=0&dl=http%3A%2F%2Fjweinercpas.com%2F&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1416
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 198ms
69ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z6F2F1ZKRY&cid=711857870.1702170446&gtm=45je3bt0v881476004&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 00:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Dec 2023 01:44:46 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 90ms
89ms Script
application/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KRNGQMN&t=gtag_UA_26524288_1&cid=711857870.1702170446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d89b53b747de1ff94aea68cd5b15bb1b39e879af0ead4e0c039d016bf61f4e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50792
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 01:07:26 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 089D 891 B
980 B 73ms
70ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1067976644&cpref=&loc=http%3a%2f%2fjweinercpas.com%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4e0c729a90c7ea25c6bc70d54e10067e1fa35955fc16a71bca9fdd9571cba80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://jweinercpas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 01:07:26 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame E6AA 4 KB
2 KB 92ms
72ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3104993&ADFPageName=Retargeting&ADFdivider=%7C&ord=990578461450&ADFtpmode=2&loc=http%3A%2F%2Fjweinercpas.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b3c5a9eef388ef06405ba2100ca54417a1829f1307ad590465823a31cb5143b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://jweinercpas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:07:26 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
457 B 434ms
70ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=972156233504487137&stamp=Tk-xYcR5TRcDvP-67D9Y4w2

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2

200

cksync
hb.yahoo.net/ Frame 089D
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=s0gqw47&ct=0:md2k8zv&fmt=3
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D81d0642c-a0f6-43a7-a53f-a9b7a4c3933a
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8865539027973279301&ttd_tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/55953/sync?uid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yamxaTmExRTJ1RXU5NjdINzd2TGtzQkJiajdkalNKMn5B&gdpr=0&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&dpid=55953

53 B
659 B

488ms
96ms

Image
image/gif

23.204.152.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yamxaTmExRTJ1RXU5NjdINzd2TGtzQkJiajdkalNKMn5B&gdpr=0&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&dpid=55953

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=3104993&lid=137965036&ctype=0&media=0&PageName=Retargeting&rnd=1067976644&cpref=&loc=http%3a%2f%2fjweinercpas.com%2f

Protocol

Server

23.204.152.38 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-204-152-38.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 10 Dec 2023 01:07:28 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sun, 10 Dec 2023 01:07:28 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yamxaTmExRTJ1RXU5NjdINzd2TGtzQkJiajdkalNKMn5B&gdpr=0&ovsid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a&dpid=55953
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 plf
c1.adform.net/imatch/ Frame E6AA 0
384 B 76ms
75ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame E6AA 43 B
199 B 205ms
60ms Image
image/gif 3.210.80.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=972156233504487137&Expiration=1703380046
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.80.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-80-44.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 01:07:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E6AA 0
400 B 407ms
236ms Image
text/plain 23.215.41.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.41.148 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-148.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:26 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 09 Dec 2023 01:07:26 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E6AA 0
654 B 259ms
61ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame E6AA 0
38 B 462ms
146ms Image
text/plain 35.156.237.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=972156233504487137&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.237.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-237-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E6AA
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=972156233504487137&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=2336191261542622197

35 B
599 B

70ms
69ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=2336191261542622197

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=2336191261542622197
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame E6AA 43 B
634 B 386ms
71ms Image
image/gif 63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1702170446818017-179

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame E6AA
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=972156233504487137
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=972156233504487137
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=29d8609b-c201-4a58-a50f-de0428a6d83f&name=BIDSWITCH&gdpr=&gdpr_consent=

49 B
386 B

247ms
78ms

Image
image/gif

3.140.180.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=29d8609b-c201-4a58-a50f-de0428a6d83f&name=BIDSWITCH&gdpr=&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

3.140.180.43 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-140-180-43.us-east-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 11
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

Location: //visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=29d8609b-c201-4a58-a50f-de0428a6d83f&name=BIDSWITCH&gdpr=&gdpr_consent=
Date: Sun, 10 Dec 2023 01:07:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E6AA
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046&C=1

43 B
338 B

84ms
83ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VakBKyEG5W9I2VoDJ0RuG13ojt6cunjGf8VpfKn1q%2F2gB%2BEgMhytN1Xti9RsOkkfT8IrqZtqyIGEkhfO46F79%2BQ%2BtUaVUkUg50gh1aPko5lh9tDwzizTlbtZi3yZ0xOYD4kFpkVvh%2B8I9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8331974bfc70da67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXsCSFKXIi4FxRYeEWYQxkOSxJwsRCt9A4OtR1IriS8Yd9LNi72PXa3lZ5cibrXT5qF8bHnKycBv8%2FZMiTijCzHE8Zxmy%2BpPHeBBslQ5V4p1DxAQAjzIyusaxmDfWrMlWSC41FnuSOWNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=972156233504487137&expiration=1703380046&C=1
cache-control: no-cache
cf-ray: 8331974b1b08da67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame E6AA
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=972156233504487137&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=972156233504487137&sInitiator=external

42 B
603 B

74ms
73ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=972156233504487137&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:26 GMT
Frontend-ID: 7
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:26 GMT
Frontend-ID: 8
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=972156233504487137&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame E6AA
Redirect Chain

https://ps.eyeota.net/match?uid=972156233504487137&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=972156233504487137&bid=9gdtmu1

70 B
440 B

62ms
62ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=972156233504487137&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=972156233504487137&bid=9gdtmu1
Date: Sun, 10 Dec 2023 01:07:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame E6AA
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=972156233504487137
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=972156233504487137&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
385 B

236ms
66ms

Image
image/gif

2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 10 Dec 2023 01:07:27 GMT
x-age-lb: 312752
x-77-cache: HIT
x-accel-date: 1701857695
content-length: 43
x-77-nzt: EQwBWbuxDwH3sMUEAA
x-accel-expires: @1702894495
x-77-age: 312752
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 49be14087a6333e64f0f75652e018a0a
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Sun, 10 Dec 2023 01:07:26 GMT
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame E6AA
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=972156233504487137
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSOTcyMTU2MjMzNTA0NDg3MTM3EAAaDQjOntSrBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806&expected_cookie=aeb3278d-287a-4605-a694-0396f895da3a

0
141 B

130ms
129ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806&expected_cookie=aeb3278d-287a-4605-a694-0396f895da3a
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:27 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E48771564A7C4B0183988DE05C2ACE52 Ref B: MIAEDGE1521 Ref C: 2023-12-10T01:07:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMHXDda04q4jFTczJNGw==

Redirect headers

date: Sun, 10 Dec 2023 01:07:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A7FE37932E324807B654DF257ECD608A Ref B: MIAEDGE1521 Ref C: 2023-12-10T01:07:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=a873ff97b7ff34d0bd436fdcf258dfbb363d3e65a44d7940ff52c17aee6f99c6791426b5417dce21&rand=02777806&expected_cookie=aeb3278d-287a-4605-a694-0396f895da3a
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMHXDbHtqLcGyXM/7i6w==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/ Frame E6AA
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent=

49 B
543 B

71ms
70ms

Image
image/gif

3.225.254.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 3.225.254.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-254-35.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.8
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=972156233504487137/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.3.102
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame E6AA 62 B
432 B 319ms
163ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 10 Dec 2023 01:07:27 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E6AA
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=972156233504487137
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=972156233504487137

43 B
171 B

60ms
60ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=972156233504487137
date: Sun, 10 Dec 2023 01:07:26 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E6AA
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

456ms
147ms

Image
image/gif

52.92.3.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Server: 52.92.3.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:28 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: W3J1MSYPCQHRA212
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: Jpw2YEHrmnKdwhvCblBYmLOwcVHth7mJBZVcAcspX/laLcNz9aQ8AryCdN/5OjlcefHcDDDCkfA=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 10 Dec 2023 01:07:27 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E6AA 0
338 B 186ms
58ms Image
text/plain 44.218.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-245-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by: beacon-n025-ash-prod.krxd.net
date: Sun, 10 Dec 2023 01:07:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=55 t=1702170447
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame E6AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTcyMTU2MjMzNTA0NDg3MTM3
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTcyMTU2MjMzNTA0NDg3MTM3&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENUehwKUKO-N5wjFSLAvZB4&google_cver=1&google_ula=1641347,0

35 B
590 B

71ms
70ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENUehwKUKO-N5wjFSLAvZB4&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENUehwKUKO-N5wjFSLAvZB4&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame E6AA 0
384 B 72ms
69ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame E6AA
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=8865539027973279301&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=972156233504487137

43 B
836 B

71ms
68ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=972156233504487137

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
an-x-request-uuid: 63f76a29-1c29-4bf9-acdb-02dbc07dba3d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.68; 38.132.118.68; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=972156233504487137
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E6AA 42 B
470 B 178ms
58ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 10 Dec 2023 01:07:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame E6AA 43 B
443 B 463ms
77ms Image
image/gif 13.224.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-106.phl50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 23:18:30 GMT
Via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: PHL50-C1
Age: 6537
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: wj2GW6Omr82_SWnW6195Y8l-3gd7mc2VIU1f_JHnDcV4ssXJzgJSnA==

GET
H/1.1

200

p
a.audrte.com/ Frame E6AA
Redirect Chain

https://a.audrte.com/a?adform_uid=972156233504487137
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGw1UzRnck4wTXhUSUs5NTF5bi1IZXRpQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

142ms
142ms

Image
image/png

52.16.120.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Server: 52.16.120.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-120-138.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:28 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 10 Dec 2023 01:07:27 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E6AA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=972156233504487137&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=972156233504487137&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=00617673387515775053565078690299351445&noredirect=1

35 B
590 B

71ms
71ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=00617673387515775053565078690299351445&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-va6-2-v053-080f9a2ef.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: o+9vTUZQQTY=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=00617673387515775053565078690299351445&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E6AA
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=972156233504487137
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214050604726000646785

35 B
590 B

71ms
71ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214050604726000646785

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
via: 1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PHL50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214050604726000646785
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: zC1vYLM5z6bWygZ3NYDYVhgYPPCDVESqIXjDhfCi_IPMilYBdom1rQ==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E6AA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766402091939992

35 B
590 B

70ms
70ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766402091939992

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7310766402091939992
Date: Sun, 10 Dec 2023 01:07:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame E6AA 62 B
360 B 148ms
148ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 10 Dec 2023 01:07:27 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame E6AA
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=MrRg3rCg1Rc8i35

35 B
599 B

69ms
69ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=MrRg3rCg1Rc8i35

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02f65c698d0566c80@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=MrRg3rCg1Rc8i35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E6AA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a

35 B
591 B

215ms
73ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=81d0642c-a0f6-43a7-a53f-a9b7a4c3933a
date: Sun, 10 Dec 2023 01:07:27 GMT
server: Kestrel
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame E6AA 0
0

GET
H2

200

3.gif
id5-sync.com/cq/10/124/0/ Frame E6AA
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=972156233504487137
https://id5-sync.com/c/10/10/2/1.gif?puid=972156233504487137&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=8865539027973279301&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-13d7OVRLPT_ls65XO0HbaaWCBYOoMIKQiVXKveLuxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-13d7OVRLPT_ls65XO0HbaaWCBYOoMIKQiVXKveLuxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpu...
https://id5-sync.com/cq/10/124/0/3.gif?puid=c6b55dd0-a765-4f70-b422-945d7d0734bf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

143ms
143ms

Image
image/gif

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=c6b55dd0-a765-4f70-b422-945d7d0734bf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=c6b55dd0-a765-4f70-b422-945d7d0734bf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Sun, 10 Dec 2023 01:07:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame E6AA
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2033298184
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5sYLAkorjaBg1lj8bWm4ne

35 B
590 B

70ms
69ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5sYLAkorjaBg1lj8bWm4ne

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
via: 1.1 google
last-modified: Sun, 10 Dec 2023 01:07:27 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5sYLAkorjaBg1lj8bWm4ne
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E6AA 23 B
278 B 295ms
76ms Image
image/gif 23.51.53.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.53.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-53-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sun, 10 Dec 2023 01:07:27 GMT
pragma: no-cache
date: Sun, 10 Dec 2023 01:07:27 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005
sync.targeting.unrulymedia.com/csync/ Frame E6AA
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=972156233504487137
https://sync.1rx.io/usersync/smaato/e0ebe14000?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync/smaato/e0ebe14000?zcc=1&cb=1702170448107
https://sync.targeting.unrulymedia.com/csync/RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005

43 B
452 B

616ms
64ms

Image
image/gif

199.127.204.171
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: HTTP/1.1
Server: 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 01:07:28 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 01:07:28 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 972156233504487137
match.contentexchange.me/adform/ Frame E6AA 0
49 B 661ms
158ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/972156233504487137?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:28 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame E6AA 43 B
109 B 265ms
120ms Image
image/gif 18.208.73.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.73.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-73-39.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:27 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E6AA
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=972156233504487137&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=972156233504487137&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
353 B

62ms
61ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=972156233504487137&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 10 Dec 2023 01:07:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=972156233504487137&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 10 Dec 2023 01:07:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame E6AA 43 B
120 B 403ms
59ms Image
image/gif 34.235.210.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=972156233504487137
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.210.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-210-13.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:27 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame E6AA 0
384 B 70ms
69ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=972156233504487137&agencyId=6276&advertiserId=2170899&src=tp&rnd=2757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 81ms
80ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=920884761&t=event&_s=1&dl=http%3A%2F%2Fjweinercpas.com%2F&ul=en-us&de=UTF-8&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=status_dimension&_u=6CDAAUIjQAAAACAAI~&jid=43906288&gjid=974615221&cid=711857870.1702170446&tid=UA-26524288-1&_gid=383846810.1702170446&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&cd2=n&jsscut=1&z=798486999

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/c3061eb.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 67ms
66ms Image
image/gif 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=920884761&t=pageview&_s=2&dl=http%3A%2F%2Fjweinercpas.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=index&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAAUIjQAAAACgCI~&jid=&gjid=&cid=711857870.1702170446&tid=UA-26524288-1&_gid=383846810.1702170446&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=43467779

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 23:11:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 71ms
69ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26524288-1&cid=711857870.1702170446&jid=43906288&gjid=974615221&_gid=383846810.1702170446&_u=6CDAAUIiQAAAACAAI~&z=816969232

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/_nuxt/c3061eb.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Dec 2023 01:07:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 229ms
85ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26524288-1&cid=711857870.1702170446&jid=43906288&_u=6CDAAUIiQAAAACAAI~&z=664885594

Requested by

Host: jweinercpas.com
URL: http://jweinercpas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://jweinercpas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 60ms
59ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z6F2F1ZKRY&gtm=45je3bt0v881476004&_p=1702170445540&gcd=11l1l1l1l1&dma=0&cid=711857870.1702170446&ul=en-us&sr=1600x1200&_eu=AAAI&sid=1702170446&sct=1&seg=0&dl=http%3A%2F%2Fjweinercpas.com%2F&dt=OpenSnow%3A%20Weather%20Forecasts%20%26%20Snow%20Reports%20%7C%20OpenSnow&_s=2&tfd=6601
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6F2F1ZKRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://jweinercpas.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:07:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jweinercpas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=972156233504487137

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jweinercpas.com/	1970-01-21 02:25:30	Name: _ga Value: GA1.2.711857870.1702170446
.jweinercpas.com/	1970-01-20 16:50:56	Name: _gid Value: GA1.2.383846810.1702170446
.adform.net/	1970-01-20 17:34:08	Name: C Value: 1
.adform.net/	1970-01-20 18:15:54	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 18:15:54	Name: uid Value: 972156233504487137
.adform.net/	1970-01-20 16:50:56	Name: CM Value: 1\|1
.jweinercpas.com/	1970-01-21 02:25:30	Name: _ga_Z6F2F1ZKRY Value: GS1.1.1702170446.1.1.1702170446.60.0.0
.adform.net/	1970-01-20 17:09:40	Name: CM14 Value: 1702256846_1702170446_1_Hu7u4e4e4R7u4e4REREeEREREQ
.jweinercpas.com/	1970-01-20 16:49:30	Name: _gat_gtag_UA_26524288_1 Value: 1
.adsrvr.org/	1970-01-21 01:36:32	Name: TDID Value: 81d0642c-a0f6-43a7-a53f-a9b7a4c3933a
.smartadserver.com/	1970-01-21 02:19:44	Name: pid Value: 2336191261542622197
.smartadserver.com/	1970-01-21 02:19:44	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:36:32	Name: csync Value: 22:972156233504487137
.bidswitch.net/	1970-01-21 01:35:06	Name: tuuid Value: 29d8609b-c201-4a58-a50f-de0428a6d83f
.bidswitch.net/	1970-01-21 01:35:06	Name: c Value: 1702170446
.bidswitch.net/	1970-01-21 01:35:06	Name: tuuid_lu Value: 1702170446
.casalemedia.com/	1970-01-21 01:35:06	Name: CMID Value: ZXUPTouAdleEOe5MU8-laQAA
.casalemedia.com/	1970-01-20 18:59:06	Name: CMPS Value: 2786
.casalemedia.com/	1970-01-20 18:59:06	Name: CMPRO Value: 2786
.rubiconproject.com/	1970-01-21 01:35:06	Name: khaos Value: LPYSC2GB-11-BU4J
.semasio.net/	1970-01-21 01:35:06	Name: SEUNCY Value: 7B249FC06B392FDC
.eyeota.net/	1970-01-21 01:36:32	Name: mako_uid Value: 18c5143cba7-60560000010a5fe9
.eyeota.net/	1970-01-20 16:49:31	Name: SERVERID Value: 24553~DM
.seadform.net/	1970-01-20 18:15:54	Name: uid Value: 972156233504487137
.ads.stickyadstv.com/	1970-01-20 18:15:54	Name: uid-bp-617 Value: 972156233504487137
.ads.stickyadstv.com/	1970-01-20 17:32:42	Name: UID Value: 6e230773cbb33511373ad3eed39
.adnxs.com/	1970-01-20 18:59:06	Name: uuid2 Value: 8865539027973279301
.rlcdn.com/	1970-01-21 01:35:06	Name: rlas3 Value: IjUaAYGlIHoVDy8E9QDZ1oFEA7CIixoyrsvlIbHCYWs=
.exelator.com/	1970-01-20 19:42:18	Name: EE Value: "adf0532a1c96a399e9a67cfb3c402f76"
.rlcdn.com/	1970-01-20 18:15:54	Name: pxrc Value: CM6e1KsGEgUI6AcQABIFCOhHEAA=
.exelator.com/	1970-01-20 19:42:18	Name: ud Value: "eJxrXxzq6XKLQSExJc3A1Ngo0TDZ0izR2NIy1TLRzDw5Lck42cTAKM3cbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FTWAQAt18qdA%253D%253D"
.crwdcntrl.net/	1970-01-20 23:18:18	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:18:18	Name: _cc_id Value: e3650a3241426c2626b1d24946a9c5c4
.openx.net/	1970-01-21 01:35:06	Name: i Value: d485b372-92ca-46ba-9f86-43d412decd1f\|1702170446
.omnitagjs.com/	1970-01-20 17:32:42	Name: ayl_visitor Value: 7eef3496042d9892fe1e36c789436868
.krxd.net/	1970-01-20 21:08:42	Name: _kuid_ Value: P9yuAbGg
.bluekai.com/	1970-01-20 21:13:01	Name: bku Value: /Ux99WXw5VPKZX1k
.pippio.com/	1970-01-21 01:35:06	Name: did Value: ZY2BnXS59JDrtJmP
.pippio.com/	1970-01-21 01:35:06	Name: didts Value: 1702170447
.pippio.com/	1970-01-20 18:15:54	Name: nnls Value:
.pippio.com/	1970-01-20 18:15:54	Name: pxrc Value: CM+e1KsGEgYIgr0rEAA=
.pubmatic.com/	1970-01-20 17:32:42	Name: KRTBCOOKIE_391 Value: 22924-972156233504487137&KRTB&23263-972156233504487137&KRTB&23481-972156233504487137
.pubmatic.com/	1970-01-20 17:32:42	Name: PugT Value: 1702170446
.doubleclick.net/	1970-01-21 02:25:30	Name: IDE Value: AHWqTUlQVxSbGQ8_X4EHskzEfQQceAoeZdKMg4Jw7MpJMPqYNiSXTNrXCmePWFB-riI
.adnxs.com/	1970-01-20 18:59:06	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C$Urz%Is!]tbPl1MO?+q([.UbW(WSjNgFSl53oNZk8?a^9>Ad#n:[@oTDS#BI7y)N[UD!!#xy(GPS^
.demdex.net/	1970-01-20 21:08:42	Name: demdex Value: 00617673387515775053565078690299351445
.rubiconproject.com/	1970-01-21 01:35:06	Name: audit Value: 1\|ZLSDVhb8g+en32VWhdZ4Srn5dwNDRvrg4DYw1kAoN/ybz16xSA9sXfqXCwH8dITuqFzskhDuQSHyUhTWCqUS/I+whRf0v/l/ZTYMaWzNL0VkAlj+fOs776T1ZtmhgqKscCygDcYSdD/OZF4C5xzkLg==
.dpm.demdex.net/	1970-01-20 21:08:42	Name: dpm Value: 00617673387515775053565078690299351445
.adsrvr.org/	1970-01-21 01:36:32	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwj6q7KGzcm8PBAFEhYKB3J1Ymljb24SCwjm1rKGzcm8PBAFEhkKCnJpZ2h0bWVkaWESCwiW1LuJzcm8PBAFGAUgAigBMgsIoLDir-PJvDwQBUIPIg0IARIJCgV0aWVyMhABWgdzMGdxdzQ3YAFyCnJpZ2h0bWVkaWE.
.linkedin.com/	1970-01-20 18:59:06	Name: li_sugr Value: aeb3278d-287a-4605-a694-0396f895da3a
.linkedin.com/	1970-01-21 01:35:06	Name: bcookie Value: "v=2&8c597ec9-bad8-4136-812c-9336e20a8d99"
.linkedin.com/	1970-01-20 16:50:56	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3071:u=1:x=1:i=1702170447:t=1702256847:v=2:sig=AQFBYq4ath2dmJ6QC3wvLtMmXVnnMo7Y"
.agkn.com/	1970-01-21 01:35:06	Name: ab Value: 0001%3AfRyeP%2BLrNYbJRYL9MwlEhBWVlEg1QAod
.w55c.net/	1970-01-21 02:21:11	Name: wfivefivec Value: MrRg3rCg1Rc8i35
.yahoo.com/	1970-01-21 01:35:28	Name: A3 Value: d=AQABBE8PdWUCED6f4m_nURp0wf6WRRcp5OsFEgEBAQFgdmV-ZdxH0iMA_eMAAA&S=AQAAArtAI0kx7YQvKC1gzM0miFM
.w55c.net/	1970-01-20 17:32:42	Name: matchadform Value: 5
.adfarm1.adition.com/	1970-01-20 18:59:06	Name: UserID1 Value: 7310766402091939992
.analytics.yahoo.com/	1970-01-21 01:35:06	Name: IDSYNC Value: "1769~2fip:19e0~2fip"
.audrte.com/	1970-01-20 17:11:06	Name: arcki2 Value: 0l5S4grN0MxTIK951yn-HetiA!20220908!1702170447626!ip#38.132.118.68
.audrte.com/	1970-01-20 17:11:06	Name: arcki2_adform Value: 972156233504487137!20220908!1702170447626
.weborama.fr/	1970-01-21 02:15:25	Name: AFFICHE_W Value: ynz0wBNWzA3K69
.teads.tv/	1970-01-21 01:33:40	Name: tt_viewer Value: 91fc3063-4e0a-45c7-93f6-9bbce15ea808
.smaato.net/	1970-01-20 17:19:44	Name: SCM Value: e0ebe14000
.smaato.net/	1970-01-20 17:19:44	Name: SCMu Value: e0ebe14000
.smaato.net/	1970-01-20 17:19:44	Name: SCM1001213 Value: e0ebe14000
.3lift.com/	1970-01-20 18:59:06	Name: tluid Value: 306666019409944173765
.audrte.com/	1970-01-20 17:11:06	Name: arcki2_ddp2 Value: 0l5S4grN0MxTIK951yn-HetiA!20220908!1702170447862
.id5-sync.com/	1970-01-20 18:59:06	Name: id5 Value: feb32cc1-3c13-7bfc-89dd-39c590d1e0c7#1702170447773#2
.1rx.io/	1970-01-21 01:35:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005%22%7D
.hb.yahoo.net/	1970-01-20 21:08:42	Name: visitor-id Value: 3451720481523640000V10
.hb.yahoo.net/	1970-01-20 17:09:40	Name: data-ttd Value: 81d0642c-a0f6-43a7-a53f-a9b7a4c3933a~~63
.360yield.com/	1970-01-20 18:59:06	Name: tuuid Value: c6b55dd0-a765-4f70-b422-945d7d0734bf
.360yield.com/	1970-01-20 18:59:06	Name: tuuid_lu Value: 1702170448
.360yield.com/	1970-01-20 18:59:06	Name: um Value: !79,mcLixX253jiChFxKqp.MWVA7nIbOSiQOnhpRsZFRWjuzSUFNQ8y4GRhn7egR8Du.kM0VIAWPy997qdT0,1709946448
.360yield.com/	1970-01-20 18:59:06	Name: umeh Value: !79,0,1764378448,-1
.id5-sync.com/	1970-01-20 18:59:06	Name: 3pi Value: 2#1702170448132#-1582324260#8865539027973279301\|10#1702170447916#-1996843033#972156233504487137\|124#1702170448428#1263952616
.targeting.unrulymedia.com/	1970-01-21 01:35:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0f4d227e-90a2-4424-8a29-d4bf76ea49f1-005%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-GW6B21GDJ7&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=972156233504487137 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
analytics.google.com
api.adrtx.net
beacon.krxd.net
blizzard.opensnow.com
bpi.rtactivate.com
c1.adform.net
cm.g.doubleclick.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
hb.yahoo.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jweinercpas.com
lift.opensnow.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pippio.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.1rx.io
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
global.ib-ibi.com
104.18.36.155
107.178.254.65
13.224.214.106
13.224.214.26
142.250.80.34
162.19.138.116
172.67.36.70
18.206.67.229
18.208.73.39
185.167.164.39
185.167.164.43
185.167.164.45
199.127.204.171
2001:4860:4802:38::181
23.105.12.136
23.204.152.38
23.215.41.148
23.47.69.85
23.51.53.155
2600:9000:25c8:b200:1b:5138:8a40:93a1
2606:4700:3030::ac43:9caf
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81d::2004
2620:1ec:21::14
2a02:6ea0:c400::12
3.140.180.43
3.210.80.44
3.225.218.10
3.225.254.35
34.229.3.43
34.235.210.13
34.98.64.218
35.156.237.51
35.190.24.218
35.211.178.172
35.244.154.8
35.71.131.137
35.71.139.29
44.218.245.106
46.19.11.36
50.16.174.192
50.57.31.206
52.16.120.138
52.92.3.40
54.221.60.142
63.251.28.133
68.67.179.164
69.173.151.100
8.28.7.83
85.114.159.93
99.81.243.254
01e11547653298afecff82a44a6a4e43c66a8d0ff42c95f4dfdb8506c593f360
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0a1e289c88271062a8795449bbd1271584a33681928e6880f17274212bc92b27
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0fbbbb63ebb16a0a04a4124202d8a3a8171beab5091e7490771a0ed9ea8529d0
11ca0ce3e768c90fe2293f173d7b9194fb3c341c2054f4a14a211e0aec7a99dc
18fabf6388c12071b501c47d4fb577d69ebd92e4d2a366b597169326c568b4f9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad16100f60b85bc3154054e1f1a6631ddfb001f1dd3df8bd3940973b441c8f1
2ba25ccb4fb517b87d4962892d074383d41e8d6f19a590a2ebbc380587261ffd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3aeaabf264d02ce7dae505d49c9f4c8d134957c665804414a27f017402846496
3bf012ab5ca793d7fba90caba09df22549232f06fbc94f465e439c524e8f2b6a
403e2888f51e94d47e2036cecf5c185aa50e749f793860f6f1f9ec795babbca1
4a4d63722cba32ac8477fc2fb6c1aee244f12e7909279473fce483885db65a4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d73313356fb474f170c5fa28a221202137522806c6d1d1fb5b522c8037608f6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0c729a90c7ea25c6bc70d54e10067e1fa35955fc16a71bca9fdd9571cba80e
51e9a448efae3d151d8e5322e52f2bcdcc42032849447389a25605b82bf2fbd5
526f2d8bfa0b9c2c3cefdcbf04b3ea9c3a7e9ecaa9f5883c0a4445e0108c635e
52c81e8e5e007de22f35802bfb95296a8843c524b73e8d6f90c5970737d6e364
544f45ef277797fbfd606b6793db6826dc8bf61612aedf3dfc0f5320d2c18be4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f0e091355582c24408b588172b53b25fe4313597dd1b3ed12bdd912ecdd752
57a0da6d8bbfc52263c09655649815704e199ea274f956bbda66da5a0592463d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
65edc71d51741e0f98b68e5b2bcc4bd9b128e0c45b9a9261b8080246073700fb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
78ea22a13907d6b2b10444886948b9884ae0ebfaa61514ddddac28c8240eaa8a
79308377b6156ba4937585153d3fe3e000df29c547b5d45125c870f408f36763
7e0872831509d835f8410fe0bc8dece319409869f4016cf2444d9960d94cc07e
7e2592720dee70d19701db6fc0999a468f2ec7b0a04159993d0dcdbd4bae65a8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848f214321332e0760959f6238b9ae525b43efbbb86cd6b2ea8651a91314a0ee
8968245401605aa73e6fdfbfaba12f8a6148e51f2316f9a94431fb326cb6d2c9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b73dd917ca218745e22f9ef4bcfff5746b1d3395e9e44b6235ee05cfd3c9b4b
9c51d4cce1b3d937dd07e5f0069956444009219cbcb84ce64c4e3f424129b37f
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5315d79b321941d03af635d0245c1611641b3d340b4c209d2ee285656b59331
a5885c19a11810454ba5fcd8b8aa48aab877177b59b9f9ee585d60edbb9a3a38
a5aeb8c8c0267952aab0edcdbcaca676f1e7fea4dc7494f61eed3187a3bd0cf0
ad3f6a7546902b413908a7a4601703a4f9fa87a2798a7c8c1a1731c0d9b520d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c5a9eef388ef06405ba2100ca54417a1829f1307ad590465823a31cb5143b7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be05b718089dda8278a8627a2a2b5ee63f84f8f59202e9cfa52d2e171dc9602c
c121c6af027b91be0707e2264a87b4bb49f6fffde5f754d8fe1c55288c3bae86
c66e2e63e2e1bd54eb1b59eba0701a17fa3c64ad29f092c6defecbada2b85333
c6fe05f92cebfacc6ef600f19789f5b69f91d97f7a5ad3e5fe650871daffd001
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d41adf3bf5eeafa510fb30f0a6e2ada66e8f00a743cc44970563a33d03d99728
d690a823793c01c0f594aaa8315cc1dad19f8f2e63340523252d95f968dc8811
d89b53b747de1ff94aea68cd5b15bb1b39e879af0ead4e0c039d016bf61f4e45
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de99dc904811f66430b0fe92fd3ab948324c8a2193c57af4c22a8d17298f9c6e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1fc549c6d8e6989bf6f99b7f6d8c37ec37a308d56443916e32acac5b700d0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c1bf1b4b726d09b8d6babd5fbe3703d14bf9eaed7d0c23f9ee4d2a1dc9e84
f46e73a4a5fb0ea80b932d1aaff9a0d7150e713d670d6e51a354ccdf49e73fdb

jweinercpas.com Open in urlscan Pro 2606:4700:3030::ac43:9caf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

51 %HTTPS

17 %IPv6

51 Domains

62 Subdomains

39 IPs

6 Countries

4350 kBTransfer

6972 kBSize

77 Cookies

40 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jweinercpas.com Open in urlscan Pro
2606:4700:3030::ac43:9caf Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

51 %
HTTPS

17 %
IPv6

51
Domains

62
Subdomains

39
IPs

6
Countries

4350 kB
Transfer

6972 kB
Size

77
Cookies

98 HTTP transactions
1 data transactions