buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhgalter.com.ua/
Effective URL:
https://buhgalter.com.ua/
Submission: On November 07 via api (November 7th 2022, 12:55:26 am UTC) from GB — Scanned from GB

Summary HTTP 460 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 96 IPs in 11 countries across 92 domains to perform 460 HTTP transactions. The main IP is 136.144.183.196, located in Haarlem, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.

This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	136.144.183.196 136.144.183.196	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	95.170.82.90 95.170.82.90	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2600:3c01::f0... 2600:3c01::f03c:91ff:fe79:43b	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	35.214.236.176 35.214.236.176	15169 (GOOGLE) (GOOGLE)
2 2	3.124.32.217 3.124.32.217	16509 (AMAZON-02) (AMAZON-02)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 1	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
2	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
6	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 7	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.67.210.236 3.67.210.236	16509 (AMAZON-02) (AMAZON-02)
6 11	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
36	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.17.139.148 52.17.139.148	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	18.198.85.91 18.198.85.91	16509 (AMAZON-02) (AMAZON-02)
15 36	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6 7	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:be00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2.16.202.8 2.16.202.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
3 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	3.122.209.252 3.122.209.252	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2600:1f18:1ac... 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f	14618 (AMAZON-AES) (AMAZON-AES)
3	3.73.221.153 3.73.221.153	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	() ()
1	162.19.138.82 162.19.138.82	() ()
4	23.79.143.124 23.79.143.124	() ()
1	104.18.133.145 104.18.133.145	() ()
6	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
1	104.18.13.76 104.18.13.76	() ()
1	23.35.236.188 23.35.236.188	() ()
3	88.221.168.201 88.221.168.201	() ()
3 4	35.227.248.159 35.227.248.159	() ()
1	37.157.6.247 37.157.6.247	() ()
6	35.71.131.137 35.71.131.137	() ()
1	2a04:4e42:400... 2a04:4e42:400::300	() ()
2 2	18.202.164.188 18.202.164.188	() ()
1	54.78.254.47 54.78.254.47	() ()
2 2	85.114.159.118 85.114.159.118	() ()
3 4	185.86.137.132 185.86.137.132	() ()
1	3.248.126.7 3.248.126.7	() ()
1 4	168.119.79.223 168.119.79.223	() ()
1 1	96.16.141.156 96.16.141.156	() ()
3	2a02:26f0:350... 2a02:26f0:3500:e::1732:835c	() ()
1	185.255.84.152 185.255.84.152	() ()
1	51.89.9.251 51.89.9.251	() ()
1	3.65.142.183 3.65.142.183	() ()
2 2	52.48.219.191 52.48.219.191	() ()
4 4	18.156.0.31 18.156.0.31	() ()
1	37.157.4.28 37.157.4.28	() ()
3 4	37.157.6.245 37.157.6.245	() ()
2 2	185.29.134.248 185.29.134.248	() ()
7	185.64.189.110 185.64.189.110	() ()
1	178.250.0.163 178.250.0.163	() ()
1	72.251.245.179 72.251.245.179	() ()
2 2	213.19.147.45 213.19.147.45	() ()
2	185.64.190.81 185.64.190.81	() ()
1	34.91.62.186 34.91.62.186	() ()
2	2a05:d018:d29... 2a05:d018:d29:3601:66b:1664:ed6:c452	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	() ()
1	66.155.71.150 66.155.71.150	() ()
1	104.18.12.76 104.18.12.76	() ()
460	96

39 136.144.183.196 (Haarlem, Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net

buhgalter.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net

analytics.factor.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c01::f03c:91ff:fe79:43b (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

jsonip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.32.217 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-32-217.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b421d36273e048925721661df0521728.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.210.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-210-236.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.210.46 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.139.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.85.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-85-91.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 216.58.212.130 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.168.166 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:be00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.16.202.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-8.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.209.252 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-209-252.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.73.221.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.143.124 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.133.145 (None, )

ASN- ()

cs.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:db6 (None, )

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.168.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (None, ) 3 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (None, )

ASN- ()

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (None, )

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.164.188 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (None, )

ASN- ()

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (None, ) 2 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.132 (None, ) 3 redirects

ASN- ()

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.126.7 (None, )

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.119.79.223 (None, ) 1 redirects

ASN- ()

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:e::1732:835c (None, )

ASN- ()

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (None, )

ASN- ()

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.142.183 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.219.191 (None, ) 2 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (None, ) 4 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.245 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (None, ) 2 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:66b:1664:ed6:c452 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	280 KB
50	googlesyndication.com b421d36273e048925721661df0521728.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 ade.googlesyndication.com — Cisco Umbrella Rank: 315	288 KB
42	yahoo.com 4 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1519 cms.analytics.yahoo.com Failed ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
39	buhgalter.com.ua 1 redirects buhgalter.com.ua	647 KB
23	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1479 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2535 lm.serving-sys.com — Cisco Umbrella Rank: 2639	297 KB
20	pubmatic.com 6 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724 image6.pubmatic.com — Cisco Umbrella Rank: 922 ads.pubmatic.com image2.pubmatic.com Failed simage2.pubmatic.com image4.pubmatic.com	38 KB
18	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 681 Failed pixel.rubiconproject.com — Cisco Umbrella Rank: 483 eus.rubiconproject.com secure-assets.rubiconproject.com token.rubiconproject.com Failed pixel-eu.rubiconproject.com Failed	33 KB
15	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 743 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	12 KB
12	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 313 acdn.adnxs.com secure.adnxs.com	26 KB
12	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3868 www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134	2 KB
12	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7108 ghb.adtelligent.com — Cisco Umbrella Rank: 6584 sync.adtelligent.com — Cisco Umbrella Rank: 5175	147 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	344 KB
8	openx.net us-u.openx.net — Cisco Umbrella Rank: 683 rtb.openx.net — Cisco Umbrella Rank: 2255	1 KB
8	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 827 static.adsafeprotected.com — Cisco Umbrella Rank: 747 dt.adsafeprotected.com — Cisco Umbrella Rank: 677	97 KB
8	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2368 adservice.google.co.uk — Cisco Umbrella Rank: 3745	2 KB
7	smartadserver.com 3 redirects sync.smartadserver.com csync.smartadserver.com	20 KB
7	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 7069 cs.seedtag.com	17 KB
6	adsrvr.org match.adsrvr.org	2 KB
6	adform.net 3 redirects dmp.adform.net cm.adform.net c1.adform.net	2 KB
6	zeotap.com spl.zeotap.com mwzeom.zeotap.com	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	64 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	216 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	202 KB
5	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 23171 id.gravitec.net — Cisco Umbrella Rank: 118488	32 KB
4	richaudience.com 1 redirects sync.richaudience.com	978 B
4	tapad.com 3 redirects pixel.tapad.com	1 KB
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 989	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2645	3 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1604	688 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1510	179 KB
3	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	478 B
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 899	630 B
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 866 gum.criteo.com mug.criteo.com Failed dis.criteo.com	581 B
3	loopme.me csync.loopme.me — Cisco Umbrella Rank: 1264
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	189 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	360yield.com 2 redirects ad.360yield.com	647 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	indexww.com js-sec.indexww.com cdn.indexww.com	2 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2229	591 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	57 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7654	2 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 872	554 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1347	1 KB
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 146981	24 KB
1	sitescout.com pixel-sync.sitescout.com	191 B
1	dotomi.com pubmatic-match.dotomi.com casale-match.dotomi.com Failed	104 B
1	simpli.fi um.simpli.fi	612 B
1	adgrx.com cm.adgrx.com	283 B
1	sharethrough.com match.sharethrough.com
1	onetag-sys.com onetag-sys.com
1	omnitagjs.com visitor.omnitagjs.com	178 B
1	crwdcntrl.net bcp.crwdcntrl.net	266 B
1	exelator.com loadeu.exelator.com loada.exelator.com Failed	324 B
1	taboola.com trc.taboola.com	161 B
1	id5-sync.com id5-sync.com	626 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10378	60 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 913 aa.agkn.com Failed	759 B
1	gstatic.com fonts.gstatic.com	16 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5766	178 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1351 x.bidswitch.net Failed	240 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10469	259 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 456772	169 B
1	jsonip.com jsonip.com — Cisco Umbrella Rank: 31981	451 B
1	factor.ua analytics.factor.ua	242 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 156	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	12 KB
0	sascdn.com Failed ced-ns.sascdn.com Failed
0	playground.xyz Failed ads.playground.xyz Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	onaudience.com Failed pixel-eu.onaudience.com Failed
0	iprom.net Failed core.iprom.net Failed
0	truffle.bid Failed matching.truffle.bid Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	admedo.com Failed pool.admedo.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	33across.com Failed ssc-cms.33across.com Failed
0	imrworldwide.com Failed obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com Failed
0	bluekai.com Failed tags.bluekai.com Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com Failed
0	widespace.com Failed engine.widespace.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	krxd.net Failed beacon.krxd.net Failed usermatch.krxd.net Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
0	fwmrm.net Failed dmp.v.fwmrm.net Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
460	92

	Domain	Requested by
39	buhgalter.com.ua	1 redirects buhgalter.com.ua
36	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com spl.zeotap.com cs.seedtag.com ads.pubmatic.com
36	c2shb.ssp.yahoo.com	player.adtelligent.com
27	pagead2.googlesyndication.com	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
17	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com b421d36273e048925721661df0521728.safeframe.googlesyndication.com buhgalter.com.ua
17	tpc.googlesyndication.com	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
11	s0.2mdn.net	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com s0.2mdn.net
10	ib.adnxs.com	5 redirects player.adtelligent.com googleads.g.doubleclick.net spl.zeotap.com acdn.adnxs.com
9	fastlane.rubiconproject.com	player.adtelligent.com
9	www.google.com	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	image6.pubmatic.com	6 redirects ads.pubmatic.com
6	match.adsrvr.org	spl.zeotap.com cs.seedtag.com ads.pubmatic.com ssum-sec.casalemedia.com buhgalter.com.ua
6	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	googleads4.g.doubleclick.net	buhgalter.com.ua googleads.g.doubleclick.net
6	s.seedtag.com	player.adtelligent.com cs.seedtag.com
6	www.google.co.uk	buhgalter.com.ua
6	ghb.adtelligent.com	player.adtelligent.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com buhgalter.com.ua
5	mwzeom.zeotap.com	spl.zeotap.com
5	b421d36273e048925721661df0521728.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	www.googletagservices.com	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com
5	connect.facebook.net	buhgalter.com.ua www.googletagmanager.com connect.facebook.net
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ups.analytics.yahoo.com	4 redirects
4	sync.richaudience.com	1 redirects spl.zeotap.com cs.seedtag.com
4	sync.smartadserver.com	3 redirects cs.seedtag.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	eus.rubiconproject.com	player.adtelligent.com cs.seedtag.com eus.rubiconproject.com
4	dt.adsafeprotected.com	b421d36273e048925721661df0521728.safeframe.googlesyndication.com
4	pixel.rubiconproject.com	3 redirects spl.zeotap.com buhgalter.com.ua
4	cms.quantserve.com	1 redirects b421d36273e048925721661df0521728.safeframe.googlesyndication.com
4	rtb.openx.net	b421d36273e048925721661df0521728.safeframe.googlesyndication.com
4	e.dlx.addthis.com	4 redirects
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.facebook.com	buhgalter.com.ua
4	use.fontawesome.com	buhgalter.com.ua use.fontawesome.com
4	player.adtelligent.com	buhgalter.com.ua player.adtelligent.com
4	cdn.gravitec.net	buhgalter.com.ua cdn.gravitec.net
3	simage2.pubmatic.com	ads.pubmatic.com
3	csync.smartadserver.com	cs.seedtag.com csync.smartadserver.com
3	ads.pubmatic.com	player.adtelligent.com cs.seedtag.com ads.pubmatic.com
3	lm.serving-sys.com	secure-ds.serving-sys.com buhgalter.com.ua
3	odr.mookie1.com	b421d36273e048925721661df0521728.safeframe.googlesyndication.com spl.zeotap.com
3	id.rlcdn.com	2 redirects b421d36273e048925721661df0521728.safeframe.googlesyndication.com
3	bs.serving-sys.com	b421d36273e048925721661df0521728.safeframe.googlesyndication.com secure-ds.serving-sys.com
3	csync.loopme.me	player.adtelligent.com ads.pubmatic.com
3	www.googletagmanager.com	buhgalter.com.ua www.googletagmanager.com
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	sync.mathtag.com	2 redirects
2	ad.360yield.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	static.adsafeprotected.com	pixel.adsafeprotected.com b421d36273e048925721661df0521728.safeframe.googlesyndication.com
2	ag.innovid.com	b421d36273e048925721661df0521728.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	buhgalter.com.ua b421d36273e048925721661df0521728.safeframe.googlesyndication.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	pbjs.e-planning.net	1 redirects buhgalter.com.ua
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	ap.lijit.com	buhgalter.com.ua cs.seedtag.com
2	sync.adtelligent.com	player.adtelligent.com buhgalter.com.ua
2	rtb.mfadsrvr.com	2 redirects
2	s.zmctrack.net	buhgalter.com.ua
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	cm.adform.net	cs.seedtag.com
1	secure.adnxs.com	1 redirects
1	match.sharethrough.com	cs.seedtag.com
1	onetag-sys.com	cs.seedtag.com
1	visitor.omnitagjs.com	cs.seedtag.com
1	secure-assets.rubiconproject.com	1 redirects
1	bcp.crwdcntrl.net	spl.zeotap.com
1	loadeu.exelator.com	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	acdn.adnxs.com	player.adtelligent.com
1	js-sec.indexww.com	player.adtelligent.com
1	spl.zeotap.com	player.adtelligent.com
1	cs.seedtag.com	player.adtelligent.com
1	id5-sync.com	player.adtelligent.com
1	gum.criteo.com
1	ade.googlesyndication.com	buhgalter.com.ua
1	m.exactag.com	b421d36273e048925721661df0521728.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	grid.bidswitch.net	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	hbopenbid.pubmatic.com	player.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	loadercdn.net	buhgalter.com.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	id.gravitec.net	cdn.gravitec.net
1	jsonip.com	buhgalter.com.ua
1	analytics.factor.ua	buhgalter.com.ua
1	fonts.googleapis.com	buhgalter.com.ua
1	www.googleadservices.com	buhgalter.com.ua
1	cdn.jsdelivr.net	buhgalter.com.ua
0	pixel-eu.rubiconproject.com Failed	eus.rubiconproject.com
0	token.rubiconproject.com Failed	buhgalter.com.ua
0	ced-ns.sascdn.com Failed	csync.smartadserver.com
0	casale-match.dotomi.com Failed	ssum-sec.casalemedia.com
0	s.amazon-adsystem.com Failed	ssum-sec.casalemedia.com buhgalter.com.ua
0	ads.playground.xyz Failed	ads.pubmatic.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	loada.exelator.com Failed	ads.pubmatic.com
0	pixel-eu.onaudience.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	matching.truffle.bid Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com ssum-sec.casalemedia.com
0	pool.admedo.com Failed	cs.seedtag.com
0	b1sync.zemanta.com Failed	cs.seedtag.com ssum-sec.casalemedia.com
0	ssc-cms.33across.com Failed	cs.seedtag.com
0	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com Failed	spl.zeotap.com
0	tags.bluekai.com Failed	spl.zeotap.com
0	aax-eu.amazon-adsystem.com Failed	spl.zeotap.com ads.pubmatic.com buhgalter.com.ua
0	usermatch.krxd.net Failed	spl.zeotap.com
0	engine.widespace.com Failed	spl.zeotap.com
0	sync-tm.everesttech.net Failed	spl.zeotap.com ads.pubmatic.com
0	beacon.krxd.net Failed	spl.zeotap.com
0	aa.agkn.com Failed	spl.zeotap.com
0	cms.analytics.yahoo.com Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
0	dmp.v.fwmrm.net Failed	spl.zeotap.com
0	x.bidswitch.net Failed	buhgalter.com.ua spl.zeotap.com ads.pubmatic.com
0	mug.criteo.com Failed	buhgalter.com.ua
0	googlecm.hit.gemius.pl Failed	b421d36273e048925721661df0521728.safeframe.googlesyndication.com
0	cs.admanmedia.com Failed	player.adtelligent.com
460	142

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
www.youtube.com

Subject Issuer	Validity	Valid
buhgalter.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-10-31`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.factor.ua Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2022-12-28`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
jsonip.com R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
loadercdn.net R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.smartadserver.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-08` - `2023-08-09`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 65 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: BECCDC5B2A0AA5946E5D2997EE4C962F
Requests: 252 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 63BBAF66ACDA3AE088F201571536313C
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 281CE9686319E39BE8A97C264674B0FA
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: EF7D65FC6D2B2678D53EED13D535A98F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=4bc5d70f-ba3d-4e84-970e-c8d441e962d4
Frame ID: DAF9711942D018CA0364AD2B5D072327
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 1D4C3032E2F6186BEADC3678228781D5
Requests: 1 HTTP requests in this frame

Frame: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 2FF395B5779C29A15441EB697205E4C9
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 65579E03FC8A5BFBD542EDF776E352B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 72A7110449097625289BD6DAA68862FB
Requests: 1 HTTP requests in this frame

Frame: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: A11D73F91B3F81A5F9C3D3C289E04A8F
Requests: 22 HTTP requests in this frame

Frame: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 6B1488BF71DAEFB3F3F0F79FE9DAFA1E
Requests: 14 HTTP requests in this frame

Frame: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: B648F9B9D5CFBDC9CCEEDDEEFB367F3E
Requests: 1 HTTP requests in this frame

Frame: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 6048DF109C573A62C83A04BA2E486B8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw
Frame ID: F3591BA539FEBCA6402370BFBED266A2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlTO3a7MK1FbWR5KUbOXfE9oQl0nwaeVA-WoGcWX7ggNh0_jqMtQ18Gqx_Ru3wGUp7C3Vq18pTgUo-tg9T0i61W5a-xyNddK0ZL8PhAKxjhh6TH1VBpFpX9YX7o61B7XjwN2hBOkTM23DGFMzmfEEmHADmuVsDhvjqDBTxY2YI0lg5irc&dbm_d=AKAmf-AHm7AEMb4Vv0ZengD8zmY8_ElbjmCAfcg4b0RfXJoAfvBuFxzJu1nV_7rM0FaOAwAQ_S0SIUnytLFbtLt75FvlQE3W98aRyNmKhqLmlytxc90CY7hkZiUbOpgV-OagX59lAtwro8x-dUt08giRnZWMYJbiuQYZ7Mh0goLWhVB6a8cVMuYsREcyYOdN5bRYNewxnwCqZH6xfAK30PjG2QCO1eytfTshsxBHjh3p28v-6wE5h6E7A2l0eXZe6SAcVGgyg4bSKuoaR05jelIokYM9uCuoMjdhWvIh-Ti2QDHFB9Y6R6bK77ULjoTKkTXKp4R_8nMHSsHAz9AwF6IIzN-PcN2FqZhVjaS_SdflymWekMBHo3YMBUAvABOUgARVWQhIA-90OV70w-TFElIqDVZxHTVfkNuPlmRup1Ztbn6caQnqcUtBBOS6MXwosmptgIskL8juGjv2yGPhEb7U92D9KUXboY1q1hyBoy_6TD6pSyU8ZvFSVSuQ5PTv1tWb3jQRkGcZNGwQieplEmq1HNlrpJIVHiBpt8Tm9iHIUUE6I-T1H_jTqRwc8tMZvqtxgF14FCVJjOw3FK3N6eCrId08vUD-LKrIHac1_BOStBhdbTGEHhr2M8RZjJXJ3vHXfW__klz_zswI9OtnPDG4O2PQIEq1oUXmn4oDwLHPLjvhTC0XDhO1jAEm_DbHzdeY267djiR8g35wzjnmqsEznKlrtzOSD4vYuX7Pjz81e75PmapAHFCiPcnAhZcmTWrDd72UPgRQ0g-kZ4-GqcD1OeF6uPSkerehJng0tjruYe6avkH1kBI99Aelsr0EhXfMV_-krV4hdeyn0cfACD2pudR6oVo0W2VILOKILZ0oE9TljsaVwgnxq5MSt8Jll4TYIpi4Vbop-uW2LOCWDTK8kRtIN0-fjnshfhsXgB1euhVuxjmLfhY1eoWHxL19MAORJ_pkrGL_Lez3rMsoD7Tho64KDB5m5vfXhJntnTuo36-zGlWDbMUyOOjRGJQSOOXZLsQ8gCIi4RIhQqoZCNWfUBPVvfBtx4aaqGL7lefi93KwvimbBN9xX5k7QJdDt5dsAwTjFKvNoGbdOOytNBP5q8DjI2iKUpJcVC57dRJ3QusU2z_KEyiFYJHLiar6Lp1t8D9m6fhPQhO6dwFHTMDwNneKYrMeKAlbp8yPe52rmBRHEEg4Obs7EYvFBnzf7epHOxYwWiloYX1epyPMsy4Pf73UkUsq8mm1omc5wb-AUpsOw8IjsYxd_5i3FWIy6rf4rKc3XjRnNY0TuQeMusHyeFciqNvN0UVM-YIuvLIasyhwN1UuxASaIm6BNgmMvxJj_8RE_l1ePY9vKaZayPtpHIC0AdtJ415I1y4xAfGZ4TDfWVbEiJVRAiPdq18beNL4H5glqyKaGuQ0T7NdOpTFzC5t6QtxemlisOQycrDct6dz1kyiGZ5531Dl2uX-WZgSy7uDpUeA0_aa4I5w2J67pWRGTUyVhr9H-FoWMTx6zvChIuKUYBjm1C7Z1ieAkMNmTFJ83vMk03yjmYBFoEyF88QT0xeUz5csradk14-iZbEqBYSEGRXOqAvaKOfMSDTChkjtuz8NIpMQ7ex6Owq-6UeRtnK8S0Uz5uoOt9bQfkVlv48-9kNVpAD6XgZ90iQl8haS5bY-lvxpm7PJ9evmJyWdfRKMSAje5zb_F21W2uQkbkVctEmKMZ-AqpVLBuKGImGFxI3iZ3th0PZNhDNqh2CMvY8EkPmhWD9qCMb6fgNBWF5_ZpPQUps9Ln1ss0Y3ltdhFu1xFyFk6f1ZAf--dYn7tbr0sd5Nkmf2zG2sMXHqZFPMnUflL4CAKOftokHh6XYP62Mpdxg0PhBrIRwK2vTmOApGRi_6sPxB_RTMkUn2nuz_W5Bj51H-51fE-lnU8b6bNGKNCRhtr0vl-jPR5aCil3vNRCVoL4svUgMg91c6OsK6hf0Q0whdNqPPZL_Ry1JVpqjV4r2Bh5COOSBL0Ycf0IvLJSMQrEJ4HTPIJ-El7Ayp1YZPo4KuHsVoNcJJA0o8UYTnZcJi2y4o1ScSzHhO7GEePQVrpfMdBVq9cCdFikZnO-0HVXBl-dtxxiXIgAXeKup5WVKpAdDQjUKRfZ2PP0fBdavfeir3W3W8M0gR6ncydDSvN6wFrguTHdcSWAXONNQXNNWpUII_ItLocxYleFcE30mmtIfP6Red7WQURvS8rj1ez_OVnB0KNHhLm1zKvShcQ6eh2-eeS3949snlkeh4xoOTvd-y3diOybXXATlf86hNugzZHboUGdPYkin6TijDDjD69Hjagb4Kg0ZH_NokQcXNToY1F49JZ6C4aOb0hME4G3X4MG4I7st6wfQK87ZHMI3Yzy_1S6SXEF2GJimw1Zmzl0qXjo7cjg3chzLNC2zVN89EqcyAsLS2_MjAxMOKyLBjmcC06EfjUBUs38unXgdNYxeUztj7CjmL_c3xegZIcvvjx3hKNeKOL78KPTUli5kAKBh6oNCZCx6k5ZrynaSeK9TVBxjj8Dj7OyT4DOI52jkRc6VVj1ieBPCzlJ-Mm0sBDnYVObXlE_ltXSASiC9tgBAAWpNAZlI9hb60jUNUH1F0eQ3Q6GN1GbOe7aUbftFmw_DWFP447JyE3kIBmJqDNwBgRK-MRF7IQ6nRh3NQK_aXaik5qdVipzBAA9p4oIB2qouK97GahQWmtvE1LzzE1wNUKgejw4vPOSEbf6jqfV7G4BH4yvPUfjE70usVY-FjUIZ_6jCADjaBi6PZF7Zi5LWH0ryMUQNWUDvhhtznPz7Ay2LmbwvPXlpDrladNARlL23IpsPGy5pwt041TIWFYa9k6vvGjK5URE1gp5UrNq0e6PRiIJei0--EU7MxxWpmRlNaBQ4vQjV2pbRXhHox8mq006gLFvg9KKSSxB3_UJCjiyU6V22ung7fw1KCGuVEk00uZQsBAPXZU3nN0PiV0ednyvVN25pk2mokSTiOuICr32FTBbb7rUZN7fWNm9cO2fKNvxURQgv2P0dl-a9h3hfMjf1zhVXZBW0nBBpBy4CZ_Fu7ZqYzpGmdfgfXN10lrBzXlDLItfZ_7Ij9zO0hF2EUc63LVLfdMN8Jeo7VSqpLoa4qv-KzReqvvH3d9maM3Px7ktgpZFR_uUkoXIv_2G9KGSqGOuBRYfKfND6a0mXV9LRkTd7IpeS8KbI1KzpKu0FDTnPxKF9PE-kTDgPaWtKy4Ylk8K9wFIPpK1LEfiwd6A7NyRvhA6ncrhb7anh0g_ZK7ETSKDhO2nYVYM2SLMpsOBnmLjg8CbM1fzA85cxqFuZ2_1ct62CdwevI2wEGyqhSZLkKwz757b3to2Sqkd9Eb4aLT16USgs9p1Q4b8CJQJLAVXU07PKII8_-qRnPK6QMGj-qhVHsxspR0bIs4D21TEQncwpvkyqH5CTyG2LAwE9QB8_SM2u2dZJRUvZoMIYUqfxmXHH072_PnWiZ78sKYmtA8m7LuB2yx4eEJh9rFP0OWhrAVg0ES3E0F3xnGKFEv0sTxsTg9v0u4cDVa4NelhkbUviKGO1ztT2s_B6Aov2aoQ6E6Gu_MpWaiS8Z0dVaDWIdFe2pr2wH0JmMOI79ZzxNi6NcdhaDvdREGFTIz7Y-qprY93qpJyBZDvkqQvvFwDDkJh4uP7KON0czqFz_Tp0Jp3IMvaGIVlAb6Mz0l2SAqr1-mN6TCRcWjrJCS5m-7nglAil-1i_E_gc4kxk-pz0NRm8RLeWpGER62AzP0vmyhnEB5NytjVdxEOXnkCKReB7sysO0_s0DxKrTN8Wr9dh72TnyFDsW8tg&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Frame ID: 8CE18032FFB81948D2ED0F6F1C8C8504
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ
Frame ID: 2CDB09395B42A9E360320DE1854223FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Frame ID: 5F1E150C69DAC8CC91F08DD77A08D91C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNXKOgQrHqJzjCC1HcfFt5qpA5PnP1bbIB3iRbt46E3IKeZZSsqBqqw7rwxfHtkGI3k2C27yS8xy_qr3osQWJk487W5zgB3xJ0dk2TNtFR5bCENFfNMSJHgVdnZfunFIVzu_nuG0W60BMhl-6wYm1sHtEwV9iqoPM704Dj1sa7nKPNqO_DQ
Frame ID: F1FF746455CA5EE6C75866D6D2438542
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGL6xhMYBMAE&v=APEucNXAdF8vcp9ioi7CVRiU9BYWs101lfU8XYSaeroZ8m3gVU8wABpwajg-IdJm2aAqTytdVTDaze-tLxeKO_Yql6hVZfsU9kkQn3oBK-qGr4wt2syjEgqDrEz75BHi7Vy6YUUbHhJiPr4ajp7-rSG-hD_pLot4uuLzf_E70sHoMlKd0k8U-lA
Frame ID: 9561D8AD3C1C2F504EA0C1D2D994A75B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF3BB3ED87165557D21BC9F226184A0F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 45DE6C732C4C414257D10CB6D76E1FFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85F002860580F5E6E24D5D12DFBDAE5F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F9ECE0D3240D762A065AC813170DD6C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 112B07CBE3896E15A39AE1E5C1066987
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38EAA885F0202EA26BA21C0421191385
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 14D98E220706FBB173436BADF71F647B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F93810BB85E231B3A4F73551070F3DAA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
Frame ID: 2F87BFEF3AA01BE385E907B322B856E0
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 081B4332F57A47DFA03F12C3E1DABA00
Requests: 1 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: B65DB129365228DD91F1628B682E8839
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 37DD96DF8F272A0EA26E16D6DD60A2D7
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: 80D882A7F3500AA9CB626AE05054F71D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: ED6D0472E5E45570544B62721E296916
Requests: 10 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Frame ID: F14D7A425C720E4E41B37992CC0C6E9A
Requests: 15 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 6750D2CB58C56E7EE28B9E71B7187551
Requests: 30 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6601B1653D5E483AD32D226F9E738981
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C24B7B6E7E0DD35BE65B4FCB5A5A2FBF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 28CB0A121B4A8DA2BD5A64DDC3513167
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EF76175DED365E8918D3B433D7E70918
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: A11D61B9FD6B6B89992D4E30E663D54C
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: CC4BF443A7225C2C7063DFD7B3CF0D22
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: E7084A61F04256A3F6B43FCC7ADE622C
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1667782525472&pubconsent=&euconsent=&hasConsent=1
Frame ID: CF87F8375CF5A5F85520E8E374EB5F84
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: CAD000EAD09FF87D23BA1E355ACE625E
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: 9B3B7C2832FE8435773785D2CD3154E2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: C9F7846A24A3AFA119A2DB48DB422C1F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BF6AA159DFFC6A52ACDC80AD504EE1FB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=
Frame ID: 6A0352538AC9B3D13478B93B027D6C19
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7185896234098286157
Frame ID: 0BA3EACFF974A830A9DBA73A26A80162
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82846368-577d-4100-b174-c8d18d5a97ce&gdpr=0&gdpr_consent=
Frame ID: 0DE1809171FC6E4683E0D2C6B2599B83
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8550F167BED4F56C15532ECB9BB52171
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 65CF3C46246BDF936E9D21A38A9C18F4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=545822583133375418&gdpr=0&gdpr_consent=
Frame ID: 268198563FBB398F11558360302E5477
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mBIaYJsWGzqDGR89mEcBOZYUSWiDEh9rn0ChYKJT
Frame ID: BC7F6A8B2B4804D6399E512DB850081E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7163071401727752347&gdpr=0&gdpr_consent=
Frame ID: 1DC9C618A2E4B70AAC9751ACE9674785
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdkNVN0cwSzhBQUNGU0J0V0U5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 1AF04DC6F6C79D49182961F97CCFACB9
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 304DA0A142B134021C32FF94D4AB2BE9
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2hXfQAGGcAxNQAr
Frame ID: 2E6401DF871D068B45037BA297E20855
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: A2E8462A93482808BE174EADDAE7FA33
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 50C78F3787C1FE1BEC6B5C1752AD3832
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9FD0E29898866F84A97DB7430DDE5BF6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 884FEF9C82313C90ED9C81A2670C9BB6
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
Frame ID: 18F0BC2E19FB496790C42D1B34BE448B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 976A04D610736CCEE820019EC851C88E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6709912834
Frame ID: 83382356070534190C3A0CD55EC9F271
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

460
Requests

78 %
HTTPS

34 %
IPv6

92
Domains

142
Subdomains

96
IPs

11
Countries

3280 kB
Transfer

9095 kB
Size

65
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://i.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Factor Електронні версії бухгалтерських журналів

Search URL Search Domain Scan URL

URL: https://factor.academy/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: FactorAcademy Онлайн курси, вебінари для бухгалтера

Search URL Search Domain Scan URL

URL: https://buhgalter911.com/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: Бухгалтер 911 Бухгалтерський облік, оподаткування, звітність

Search URL Search Domain Scan URL

URL: https://reklama.factor.ua/?utm_source=all-sites&utm_medium=top-menu&utm_campaign=from-top-menu
Title: РЕКЛАМОДАВЦЯМ

Search URL Search Domain Scan URL

URL: https://bit.ly/2Xc9ih4
Title: Відео

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=top-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/ukr/complect/premium/?utm_source=buhgalter.com.ua&utm_medium=left-button&utm_campaign=pro-2022
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/2TJ43qe
Title: Архів чату

Search URL Search Domain Scan URL

URL: https://fit.com.ua/?utm_source=buhgalter.com.ua&utm_medium=footer-menu&utm_campaign=fit-budget-2
Title: FIT-Бюджет

Search URL Search Domain Scan URL

URL: https://i.factor.ua/complect/premium/
Title: PRO-доступ

Search URL Search Domain Scan URL

URL: https://bit.ly/3eOTfff

Search URL Search Domain Scan URL

URL: https://bit.ly/2XonSCj

Search URL Search Domain Scan URL

URL: https://bit.ly/2XoPSWH

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmwRxt86epRSvAdM_Crlp3Q

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhgalter.com.ua/ HTTP 301
https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=4bc5d70f-ba3d-4e84-970e-c8d441e962d4

Request Chain 99

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=53d07f38-a9f9-463a-96b4-ccde080678f4

Request Chain 127

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=88f13056-c0f6-45ac-bc15-03baf473f259 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=88f13056-c0f6-45ac-bc15-03baf473f259

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

Request Chain 297

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDAzMzMyNDAwMDkzNzA4MA%3D%3D

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

Request Chain 299

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

Request Chain 301

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODIyNTgzMTMzMzc1NDE4

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1

Request Chain 321

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Fbgw4_g9rc5S9GbZvMhTwuCAXGFn4u5YpHCK9yHO2cxV_Ot1LFc5oliM5z5g2YZtRNBRgOvgW8a5e1-GrK0cz3fSj6ACw&google_gid=CAESEIQNHaoo4_Mozt9Yp7BKqIs&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPuuoZsGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BU2tKM0ZiZ3c0X2c5cmM1UzlHYlp2TWhUd3VDQVhHRm40dTVZcEhDSzl5SE8yY3hWX090MUxGYzVvbGlNNXo1ZzJZWnRSTkJSZ092Z1c4YTVlMS1HckswY3ozZlNqNkFDdw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUEJqTXBRWUE0YjNTTXBDRTBhdDRJVlVHOEduWGJDbzgzVW0wMS1JVFl3OA==&google_push

Request Chain 322

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVjc6RNj345Mb2PnW8ewk2JhqXoyV6g&google_gid=CAESEDFwwQJyueKh5SpDZYo5rU8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVjc6RNj345Mb2PnW8ewk2JhqXoyV6g&google_gid=CAESEDFwwQJyueKh5SpDZYo5rU8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDAyNzY1Mjk1NDk1OA%3D%3D&google_push=ASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVjc6RNj345Mb2PnW8ewk2JhqXoyV6g

Request Chain 325

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2EcrBPh_ekNjGWOTPmxjM&google_cver=1&google_push=ASkJ3FbL9EzZiKKJl2fzoLYqimhl43vlBB_VUmM_V0JuJFkVhG0loYWdObyl8tkpzAxj7XJyaNm10I39wqfmMN906Q9_pS_5Mg0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2EcrBPh_ekNjGWOTPmxjM&google_cver=1&google_push=ASkJ3FbL9EzZiKKJl2fzoLYqimhl43vlBB_VUmM_V0JuJFkVhG0loYWdObyl8tkpzAxj7XJyaNm10I39wqfmMN906Q9_pS_5Mg0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbL9EzZiKKJl2fzoLYqimhl43vlBB_VUmM_V0JuJFkVhG0loYWdObyl8tkpzAxj7XJyaNm10I39wqfmMN906Q9_pS_5Mg0

Request Chain 345

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1uhe7msdmyh4HGof9cHbRTOdiHYngyXY&google_gid=CAESEDFwwQJyueKh5SpDZYo5rU8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1uhe7msdmyh4HGof9cHbRTOdiHYngyXY&google_gid=CAESEDFwwQJyueKh5SpDZYo5rU8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDA2Nzk1ODA0NjUwNw%3D%3D&google_push=ASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1uhe7msdmyh4HGof9cHbRTOdiHYngyXY

Request Chain 347

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2EcrBPh_ekNjGWOTPmxjM&google_cver=1&google_push=ASkJ3FbyI0GQprmwa3zLcmPmKrvGM3MLFkEJBQ07noyfVjs8dhjZksH-cHnIfpUevGU0piE-e7Bye4McSHqjcL3gMbIwUVearLJx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbyI0GQprmwa3zLcmPmKrvGM3MLFkEJBQ07noyfVjs8dhjZksH-cHnIfpUevGU0piE-e7Bye4McSHqjcL3gMbIwUVearLJx

Request Chain 348

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9HAGb4UJAEs3FGZbrBFaks_G54f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9HAGb4UJAEs3FGZbrBFaks_G54f

Request Chain 349

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&google_push=ASkJ3FanhAe4yzgloDbbfpPrbpJJ2x6KNNPs9w7Pgzuqci6yZf_I3TWaL5UAA9XTjVaq2P0xqiksHx3zgcyMrSQnTy2p-zISMUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FanhAe4yzgloDbbfpPrbpJJ2x6KNNPs9w7Pgzuqci6yZf_I3TWaL5UAA9XTjVaq2P0xqiksHx3zgcyMrSQnTy2p-zISMUE

Request Chain 354

https://d.agkn.com/pixel/2175/?google_gid=CAESEGp_M3Lza0dj8Vmg8prebxI&google_cver=1&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p&google_hm=Q0FFU0VHcF9NM0x6YTBkajhWbWc4cHJlYnhJ

Request Chain 357

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2EcrBPh_ekNjGWOTPmxjM&google_cver=1&google_push=ASkJ3FZ4CVjg7Mi8vBfDmOejQQkP1e9a8H5ZaARmxq19X4fJyewtYAjYlkTUZAizNfWizVcfej5_B9CGtuOPd_E2fBKdo-8RhYZc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4CVjg7Mi8vBfDmOejQQkP1e9a8H5ZaARmxq19X4fJyewtYAjYlkTUZAizNfWizVcfej5_B9CGtuOPd_E2fBKdo-8RhYZc

Request Chain 358

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXHO3rQogdKE8lQVOdIAb758L6Ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXHO3rQogdKE8lQVOdIAb758L6Ac

Request Chain 359

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&google_push=ASkJ3FayZbtUXbMmlHDgRxPA7wyQG9zhhSE18kN_B5J44nTui41L5U5wVNITkq6z1LKxAwt8FZGblGNdjlbww3zKHK5odD6l3ac9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FayZbtUXbMmlHDgRxPA7wyQG9zhhSE18kN_B5J44nTui41L5U5wVNITkq6z1LKxAwt8FZGblGNdjlbww3zKHK5odD6l3ac9

Request Chain 368

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2EcrBPh_ekNjGWOTPmxjM&google_cver=1&google_push=ASkJ3FaF6nE8fIK3Hp8K_BTQ30O8TCaSYrcERlwoqvs3FQjEPXeBjtnYdVaMbRSFaLIOzIpK8UPPuhMywJirRGbDKR3jpWBYOupU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaF6nE8fIK3Hp8K_BTQ30O8TCaSYrcERlwoqvs3FQjEPXeBjtnYdVaMbRSFaLIOzIpK8UPPuhMywJirRGbDKR3jpWBYOupU

Request Chain 369

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZXACf1ZS355YZG5-RSRjrbq78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZXACf1ZS355YZG5-RSRjrbq78

Request Chain 370

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&google_push=ASkJ3FYhZJGXbRu4ndgz0eL15vjLcNdoJkCIn5_W5hPyW2igbEu_QpD22vNVyHd_u3rO9UZpecM-N05fdFpw-2GKxMErDLPIDyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FYhZJGXbRu4ndgz0eL15vjLcNdoJkCIn5_W5hPyW2igbEu_QpD22vNVyHd_u3rO9UZpecM-N05fdFpw-2GKxMErDLPIDyA

Request Chain 423

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=TGj6tHxhVzV3dmpWeUdPNGZCR3FlMVJTQ2U2N24vMUUycWI3NHBrNDdsZHRUSUhKb1dNNURkdFFvMHFkZ3lCYmIyWDFuYks5bFB5WEhtSzl0aUswZm9UcG54ZnU2d0NJOHE4ejNiQWZYVnVGS0NGdUUvVFNFakNJMStNRHBKU3FyNE03QjZXQ1hMRjkzTHRCL0J2U0NkY0dwVGZEbGJ4eHBKY1hicUxTenIzL091Qk1vaTVDSHVZTVl4Q3BJTUZCL24rNXRGMUs3Zno1M0tXa0xxa1UvemlXdjFuZzlXRGVsNUNacHpzbUNNd09LeThmNGZCU3NVcllKeExoUUhsbHJzRnNTfA&cppv=2

Request Chain 432

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthemediagrid%26bsw_param%3D4a0366a6-15f9-4555-824f-d04542524811%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=85ddaa7e36e745a4b1fb1122859e8875&ssp=themediagrid&bsw_param=4a0366a6-15f9-4555-824f-d04542524811&gdpr=0&consent=&gdpr_pd=&expires=7

Request Chain 436

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9a222cc1-fa9b-4b70-b97e-244f454e9f41&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Request Chain 441

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=144B8434-3FC8-4550-920F-6FACB83B3751&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Request Chain 442

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361&s_h=1

Request Chain 443

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6da86a98-0371-4a87-6296-10316e5e1c79&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6da86a98-0371-4a87-6296-10316e5e1c79&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=49986690031227565273538504277502134209&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Request Chain 445

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7163071401727162523&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Request Chain 446

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79

Request Chain 447

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6da86a98-0371-4a87-6296-10316e5e1c79&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6da86a98-0371-4a87-6296-10316e5e1c79&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361&bounce=1&random=1861520179 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=zaNRJzJjqnWL7UROjYfqse&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Request Chain 448

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 465

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu

Request Chain 474

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=545822583133375418

Request Chain 475

https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1

Request Chain 478

https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=b981e0ec-6af9-4915-87f7-1d5bcf69c02b

Request Chain 479

https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=dd9439d4-5e36-11ed-8cea-1bbe6fc50406 HTTP 302
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=dd94397f-5e36-11ed-8cea-1bbe6fc50406

Request Chain 480

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F

Request Chain 481

https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=dd945627-5e36-11ed-bb08-1c5660560106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D

Request Chain 482

https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=94317cc9-1bbd-4164-b415-1375a0a7ca5e

Request Chain 483

https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2hXe2RZyFwZ9VomfUGXEgAA%263319

Request Chain 484

https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58427/occ?verify=true HTTP 302
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Hd24vn5E2uHOuElXsMB.CUXCgPrU5qosyFoXopY-~A

Request Chain 490

https://c1.adform.net/serving/cookie/match?party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=

Request Chain 491

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7185896234098286157

Request Chain 492

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82846368-577d-4100-b174-c8d18d5a97ce&gdpr=0&gdpr_consent=

Request Chain 494

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 495

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=545822583133375418&gdpr=0&gdpr_consent=

Request Chain 496

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mBIaYJsWGzqDGR89mEcBOZYUSWiDEh9rn0ChYKJT

Request Chain 497

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7163071401727752347&gdpr=0&gdpr_consent=

Request Chain 498

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdkNVN0cwSzhBQUNGU0J0V0U5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 500

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2hXfQAGGcAxNQAr

Request Chain 505

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid

Request Chain 507

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667782525671 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6709912834

Request Chain 508

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 509

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f1ad6368-577d-4e00-b7d6-8996b05e4ffb

Request Chain 510

https://pixel.onaudience.com/?partner=214&mapped=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1

Request Chain 511

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQ0Qjg0MzQtM0ZDOC00NTUwLTkyMEYtNkZBQ0I4M0IzNzUx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 512

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_xKDUmdbfTys_xgNGdKbo&google_cver=1

Request Chain 514

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8147882932685425809

Request Chain 516

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic

Request Chain 518

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8PPqSZBE2uXIXv4cH7N1enkwOvv4qXE-~A&gdpr=0&gdpr_consent=

Request Chain 521

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4417831177384936708&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 524

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1

Request Chain 530

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4345773583347008772

Request Chain 540

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

Request Chain 541

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk0mo0s5g2orESgwINtgws&google_cver=1

460 HTTP transactions
88 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
buhgalter.com.ua/
Redirect Chain

http://buhgalter.com.ua/
https://buhgalter.com.ua/

104 KB
29 KB

189ms
110ms

Document
text/html

136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://buhgalter.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

136-144-183-196.colo.transip.net

Software

nginx /

Resource Hash

7dfb2782fc22e53f82323405ea2baf302699bebbbcbc9478b5e07c32c55ec3df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:19 GMT
expires: Mon, 07 Nov 2022 01:55:19 GMT
last-modified: Thu, 28 May 2020 12:12:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 07 Nov 2022 00:55:19 GMT
Keep-Alive: timeout=5, max=100
Location: https://buhgalter.com.ua/
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubdomains;
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 94 KB
33 KB 66ms
65ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Fri, 25 Jan 2019 12:46:20 GMT
server: nginx
etag: W/"5c4b051c-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 64 KB
18 KB 158ms
67ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 19:59:21 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
server: nginx
etag: W/"636028ae-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 main.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
8 KB 54ms
49ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/main.js?1665486999
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:16:39 GMT
server: nginx
etag: W/"63455097-7b37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 advert.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 54ms
50ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2016 08:07:56 GMT
server: nginx
etag: W/"5857955c-947"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
798 B 68ms
68ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 11:14:45 GMT
server: nginx
etag: W/"620cdca5-90d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 145ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a14b4bf52d7468e62a119a2c783754e660ba698bd1ce349e145fd668a0013e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43558
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 config_accounts.js Show response
buhgalter.com.ua/assets/templates/base/js/ 676 B
885 B 54ms
50ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Thu, 11 Nov 2021 09:07:41 GMT
server: nginx
etag: "618cdd5d-2a4"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 676
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 all-sites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 31 KB
7 KB 54ms
51ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=20072022
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 07:26:46 GMT
server: nginx
etag: W/"62d7ae36-7c31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 14 KB
3 KB 41ms
41ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 15:42:50 GMT
server: nginx
etag: W/"635803fa-39e0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 sockjs.min.js Show response
cdn.jsdelivr.net/sockjs/0.3.4/ 33 KB
12 KB 110ms
40ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19927976
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-lcy19221-LCY
server: cloudflare
etag: W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8jCnIUbkPkz%2F%2FlH%2FqFUph7QZ4KzgtZpJhs8NaxqyWzO9x2mf5J4BdO5rI0GKBSwSfbcAw0qQTy7arpIAeJGqnxj%2FuaeowyFZpEr5YhMcuPOvtT9eRezAqyU6cE9%2FvjwxeBcrrqqrxZqDGKgodM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76621a4abbbe76e7-LHR

GET
H2 200 subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
817 B 43ms
43ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?1665485092
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 10:44:52 GMT
server: nginx
etag: W/"63454924-72c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 bcom_logo_footer.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 54ms
51ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/bcom_logo_footer.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Tue, 25 Oct 2022 07:24:51 GMT
server: nginx
etag: "63578f43-25e7"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9703
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 payment_types.svg
buhgalter.com.ua/assets/templates/base/images/ 3 KB
3 KB 55ms
51ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/payment_types.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:26 GMT
server: nginx
etag: W/"63578fa2-c9b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 footer_logo_forum.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
4 KB 55ms
52ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/footer_logo_forum.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:26:44 GMT
server: nginx
etag: W/"63578fb4-1554"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 js.cookie.min.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
1 KB 37ms
36ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js?1651056762
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 10:52:42 GMT
server: nginx
etag: W/"6269207a-690"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 178ms
59ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16836
x-xss-protection: 0
server: cafe
etag: 14253518212129236209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 chat2.js Show response
buhgalter.com.ua/assets/templates/base/chat/js/ 14 KB
5 KB 55ms
52ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Fri, 06 Dec 2019 12:43:42 GMT
server: nginx
etag: W/"5dea4cfe-375c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 favorites.js Show response
buhgalter.com.ua/assets/templates/base/js/ 5 KB
1 KB 41ms
35ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:16:23 GMT
server: nginx
etag: W/"5c5bf767-140a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 ads_remove_popup.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 42ms
36ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:14:29 GMT
server: nginx
etag: W/"5c7e2fe5-c04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 analytics.js Show response
buhgalter.com.ua/assets/templates/base/js/ 9 KB
2 KB 42ms
36ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 13:17:17 GMT
server: nginx
etag: W/"60f186dd-22ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 content_breaker.js Show response
buhgalter.com.ua/assets/templates/base/js/ 785 B
994 B 43ms
36ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Thu, 02 Dec 2021 17:20:38 GMT
server: nginx
etag: "61a90066-311"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 785
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 check_access.js Show response
buhgalter.com.ua/assets/templates/base/js/ 302 B
511 B 43ms
37ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Thu, 02 Dec 2021 17:16:14 GMT
server: nginx
etag: "61a8ff5e-12e"
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 302
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 43ms
37ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 11:00:26 GMT
server: nginx
etag: W/"630c9c4a-12ce"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 accounts_manager.js Show response
buhgalter.com.ua/assets/templates/base/js/ 2 KB
740 B 43ms
38ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 07:56:35 GMT
server: nginx
etag: W/"600e79b3-609"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 ads_turn_off.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 43ms
38ms Script
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1661763183
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 08:53:03 GMT
server: nginx
etag: W/"630c7e6f-b0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 lw.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
834 B 44ms
38ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 15:15:02 GMT
server: nginx
etag: W/"61def076-73c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 wrapper_hb_299506_4371.js Show response
player.adtelligent.com/prebid/ 2 KB
1 KB 162ms
63ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19303
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 09 Nov 2022 00:55:19 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:06:13 GMT
server: nginx
etag: W/"635fba35-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
72 KB 197ms
107ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92eb1c91ff909f41d07610e54ff4a8b77c6a902b5189285294239013a0b8a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73122
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 00:43:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 4 KB
4 KB 40ms
40ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Thu, 17 Jun 2021 10:19:17 GMT
server: nginx
etag: "60cb21a5-f41"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 3905
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 112ms
42ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
x-correlation-id: 1a376a6bb64324d81967da12bfc8f228
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 9 KB
10 KB 37ms
37ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Tue, 15 Jun 2021 12:47:48 GMT
server: nginx
etag: "60c8a174-25c4"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 9668
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 123ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18f6e3c3179bf84f07b30ca394e8605749cef60d91b0090ee9b76d68bfaa04d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 00:55:19 GMT
content-md5: yh5IK+ySKnUbUU87m70KJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2167
x-fb-rlafr: 0
x-fb-debug: MA4xxojSwS2SmcLNfdD21It5dnD5u8ScWJuVO6iEfZQFIxcZuXVgPIXPrxNxEX/6+6yrAwopT6lOJQK1o6Ev1A==
x-fb-trip-id: 686109401
x-fb-content-md5: 0ae6662e251d27b257b15db97e360ee2
cross-origin-opener-policy: same-origin-allow-popups
etag: "16efafa8e7f72e1c67beb372ca55e626"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 01:14:58 GMT

POST
H/1.1 200
OK add Show response
analytics.factor.ua/analytics/ 0
242 B 326ms
242ms XHR
text/html 95.170.82.90
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.factor.ua/analytics/add
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 95-170-82-90.colo.transip.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Mon, 07 Nov 2022 00:55:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 z Show response
s.zmctrack.net/ Frame 63BB 50 KB
23 KB 276ms
132ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: f072e55945d5803dcfa7600a5bc425ed840ba977eb0f86abced0d1fc2bab7036

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23448
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
jsonip.com/ 150 B
451 B 506ms
167ms Script
application/json 2600:3c01::f03c:91ff:fe79:43b
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonip.com/?callback=jQuery111105752361119691518_1667782519389&_=1667782519390

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx/1.20.2 /

Resource Hash

b9c462507a2e54f1df5dbb15250ef89ff0ef0220477f77bd52e259b8d1971227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:20 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 acceptcookies.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
744 B 38ms
37ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/acceptcookies.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:17 GMT
server: nginx
etag: W/"636283e5-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 acceptcookies.js Show response
buhgalter.com.ua/assets/templates/base/js/ 3 KB
1 KB 37ms
37ms XHR
application/javascript 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/js/acceptcookies.js?_=1667782519391
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://buhgalter.com.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 14:51:31 GMT
server: nginx
etag: W/"636283f3-ba8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 849 KB
458 KB 38ms
38ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 10:45:44 GMT
server: nginx
etag: W/"60e585d8-d4267"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 favourites.css
buhgalter.com.ua/assets/templates/base/css/ 5 KB
1 KB 84ms
84ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1665487532
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 11:25:32 GMT
server: nginx
etag: W/"634552ac-15ec"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 3 KB
973 B 84ms
83ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 08:49:34 GMT
server: nginx
etag: W/"5c7e381e-a18"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 104ms
43ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3V161PYDH4JC447N
age: 2208972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GU1A7f7xIC5K5fv7tW4nNDeUHBTXd8vi+WvxqG8sJMJeUO0gVdaFjMTn9yZcKSDFIiC0DIpWKRE=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYCTexQYpFGoa1sZhJjrZLfScRoE0S3YKWjzV8BtiJHd%2BIumhcBWwIwdypEdwUAWED3479tSTkJoL9EjsjgGZpe3N7RHGjUj2T0dNHdKghJYiGpxxiOeE3BYy015vo%2Fi1BCy56Xr5Z%2F5xpzTZovJg82b"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76621a4c0cca886d-LHR

GET
H2 200 media.css
buhgalter.com.ua/assets/templates/base/css/ 121 KB
42 KB 84ms
83ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 09:07:04 GMT
server: nginx
etag: W/"6360e1b8-1e459"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 2 KB
784 B 84ms
83ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 12:00:31 GMT
server: nginx
etag: W/"5d1b475f-656"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 12 KB
6 KB 84ms
84ms Stylesheet
text/css 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?1629355568
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 06:46:08 GMT
server: nginx
etag: W/"611dfe30-2fc1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 hbw_master_299506_4371.js Show response
player.adtelligent.com/prebidlink/19303/ 153 KB
33 KB 57ms
57ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19303
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 08062237a2f036354dc3634789c4f19fb2a043eb270e11ef1cb973bfad05cae9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 09 Nov 2022 00:55:19 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 12:06:13 GMT
server: nginx
etag: W/"635fba35-26382"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hb_299506_4371.js Show response
player.adtelligent.com/prebidlink/19303/ 350 KB
108 KB 107ms
107ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19303
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de059c14703eb5c8982ab9b19ee3af6e8c8206d776c065965cdbb465b2c6d84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 09 Nov 2022 00:55:19 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 14:20:20 GMT
server: nginx
etag: W/"634eb624-57672"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8fcdbed629aa9488b81150e46ef7ec1f7d0b46e387830c0a84b4fb12ca8d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27353
x-xss-protection: 0
server: sffe
etag: "1386 / 339 of 1000 / last-modified: 1667599556"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame 281C 621 B
699 B 148ms
38ms Document
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 00:55:19 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AdRmOI0svoj/UHm+AA
x-77-nzt-ray: wo1agLR58Bc
x-77-pop: frankfurtDE
x-accel-expires: @1970659623
x-age: 12482896
x-cache: HIT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 2 KB
1 KB 142ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1667782519617&cv=9&fst=1667782519617&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bfefd3fa8a9a68e7088af73e972540f3523c55ce9bd208e6762453fd4db2acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 980
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5430
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 07 Nov 2022 01:24:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 2 KB
2 KB 102ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1667782519654&cv=11&fst=1667782519654&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ce0d69d0b69a5ed7af97608c6281574b2d47f354840b381be5a89dfffdfb152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 141ms
79ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b4a6f01c46aa35416cd318b384b92b49cb78e6de9aee2f81815d34a25bd5ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9984a520fadf5c92540edcdd4e9df3b6632ae2a955b22bac81c7a0291aeba4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 00:55:19 GMT
content-md5: L8670S/0IoGu6gBnvVrQVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: bD/ti2tcK8Xjv9TZstcUEIXA8Pi47ehsPqtSQYGaYxte0mcAL88dO8oL2GnfsLTM7k3NkpCw6JSYafDIN1p3AA==
x-fb-trip-id: 686109401
x-fb-content-md5: 36d141563043c1a25f7cc75bbf8ac28d
cross-origin-opener-policy: same-origin-allow-popups
etag: "2668b15e4b778ac776a8d9c1e9b4bbf9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 07 Nov 2022 01:13:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 00:55:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GvDtDdhuaLv9vcwRrw1TJ9U07fWDIaAfZthcJfyLzyUv44e+R5zkVgGt60UJFv6gX0pF8wDPx/52cE8Br3mUAA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d82400221a897df3f8d39ab260b1ad8f6ed5b6be95182ce721ca2c0c9bf45be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 00:55:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 125ms
42ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667782519675

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 00:55:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 631 B
831 B 36ms
35ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-277"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 631
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 816 B
1016 B 36ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Fri, 25 Jan 2019 12:16:54 GMT
server: nginx
etag: "5c4afe36-330"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 816
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 424 B
624 B 36ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
last-modified: Thu, 28 May 2020 12:05:04 GMT
server: nginx
etag: "5ecfa8f0-1a8"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 424
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
H2 200 fit_logo_site.svg
buhgalter.com.ua/assets/templates/base/images/ 5 KB
2 KB 37ms
36ms Image
image/svg+xml 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/images/fit_logo_site.svg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 10:17:26 GMT
server: nginx
etag: W/"62dfbf36-12ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600, public, no-transform
expires: Mon, 21 Nov 2022 00:55:19 GMT

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6e139420501c07877ec62682f783b60662ae4dc43f08c03fb16d7c45871981e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 101ms
67ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MN97B8PSVDA4F6MX
age: 156879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74288
x-amz-id-2: Z5r0UES0wZC9ow4qqOXga3VBCFdewqPoHTS3ScANxMSJDKoI6KMY7aRIVDTZHk1i1031ZhEBbsg=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rq04QXKqXabeXEkZ7TBo0zkBstE0RdRg6PtP3hvLLflorW757bDU%2BX09DDMubfnKZetcRExnvUqQMDXkH2kfMd%2FM9Q0D7xP3FQbL%2F4QItxmqY4KYWx4HSHcmDbn9Rr%2Fgg7vfTBescU%2BMSYiOHZFGNkK"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76621a4cc946773e-LHR

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 15 KB
15 KB 70ms
37ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KAAPC52N0WDZNTD4
age: 354066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14872
x-amz-id-2: xVl9FVzitUbsUc4QZDepZeTU55obzAaXY/GmCRFvLgSm0saftiFX/y1kNPCLrEKdhlYH047qPQ4=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "4b218302f9057d02864d4909661831e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3VSC5kMhsTLmVMvVFQazuzemT0nxA1Tl48p0vuRwHKl6O9WWEw8dPAuaHvUZ677JBfBRIiSjyZWX41nyK2oA8vCSG%2BsQV9Lu7iEshx8Xj5aJMEcPfw42angE6qtasVIl%2BrzHJ%2BWoNlYw%2BadJ7uy9Shz"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76621a4cc945773e-LHR

GET
H3 200 1495025544106981 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 145ms
101ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1495025544106981?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7dd25d04429575c13f1c5b0e13e65fa7bb8d8e2035fbe3194c5eecc7bfbb7f29

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 00:55:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XpkXHw4d1QDkVrFrczNgSDb2CU+FpaLqObFaAN394ROj16pHDEYxSjxd5fp6dfJsYABbUQ/TsmTmOTyyrYxa0w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 152 B
424 B 125ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 76aca2a3a5554f3302fb8b7bf6db768cdddd1af7bcd81be8766d03528c39c58e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:19 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 152

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
433 B 124ms
29ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=62ng82.kh&features=147488&vpbv=N094&tte=192&lifecycle_tte=822
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:19 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
86 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=d475600695bcf858c40471c9671f4a93

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01af8f6778afe20575d3f80ed19d37651cb12d0fec740cc6bc9fcb2676361355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 00:55:19 GMT
content-md5: PbD3eSN9hlLYXtVJ53SdmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88525
x-fb-rlafr: 0
x-fb-debug: xAS/hlr4Ua6CG+KdqO1WdX+V/VGmmxdmwNPPpJuwvEKEoYmxYJTr+qc31GFHabWNi6chz3Nkp9JsGNyQO0Zt0Q==
x-fb-content-md5: 81252d482b9f84ba25eeb401c8d77339
cross-origin-opener-policy: same-origin-allow-popups
etag: "0a9917919c64c1ed217c81b1bf3aedf9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Nov 2023 23:13:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 105ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oeb20&_p=153317570&_gaz=1&cid=886186701.1667782520&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667782519&sct=1&seg=0&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 106ms
35ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=886186701.1667782520&gtm=2oeb20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 139ms
53ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=886186701.1667782520&gtm=2oeb20&aip=1&z=459955533

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/977649145/ 42 B
108 B 144ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977649145/?random=1667782519654&cv=11&fst=1667779200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=810343536&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/977649145/ 42 B
108 B 114ms
54ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/977649145/?random=1667782519654&cv=11&fst=1667779200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=810343536&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975200280/ 42 B
548 B 143ms
54ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200280/?random=1667782519617&cv=9&fst=1667779200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1018336379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/975200280/ 42 B
154 B 113ms
53ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/975200280/?random=1667782519617&cv=9&fst=1667779200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1018336379&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022110101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130882
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 08:35:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Nov 2023 19:44:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 287 B
763 B 147ms
58ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 135ms
51ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=153317570&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABRAAAACAAI~&jid=565238902&gjid=741909445&cid=886186701.1667782520&tid=UA-35985798-1&_gid=1730227377.1667782520&_r=1&gtm=2oub20&z=859498310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 124ms
42ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=153317570&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4CDACUABRAAAACAAI~&jid=&gjid=&cid=886186701.1667782520&tid=UA-35985798-1&_gid=1730227377.1667782520&cd2=%D0%BD%D0%B5%D1%82&gtm=2oub20&cd1=%D0%BD%D0%B5%D1%82&z=336742583

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79968
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 35ms
34ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 40ms
39ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Mon, 07 Nov 2022 00:55:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
51ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=153317570&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=656127831&gjid=1005143042&cid=886186701.1667782520&tid=UA-53572572-5&_gid=1730227377.1667782520&_r=1&gtm=2wgb20WVLD3W&z=2059770519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
52ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=153317570&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=916984414&gjid=1431693395&cid=886186701.1667782520&tid=UA-35985798-1&_gid=1730227377.1667782520&_r=1&gtm=2wgb20WVLD3W&z=1518121508

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadercdn.net/ 0
169 B 468ms
70ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=609cf778a3f90d26&d=buhgalter.com.ua
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 00:55:20 GMT
server: openresty

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 739 B
700 B 29ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=443991
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d57d9b0ec43302abd831b7baa5dd82223b11d3691aa9d123e3c63a784a45d15d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:19 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 389

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 84ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667782519989&sw=1600&sh=1200&at=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 00:55:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 204 /
csync.loopme.me/ Frame EF7D 0
0 383ms
39ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: _

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame DAF9
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=4bc5d70f-ba3d-4e84-970e-c8d441e962d4

0
404 B

334ms
186ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=4bc5d70f-ba3d-4e84-970e-c8d441e962d4
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Mon, 07 Nov 2022 00:55:20 GMT
Etag: ec662cdd9d15c7b5
Server: Adtelligent

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 07 Nov 2022 00:55:20 GMT
Location: //sync.adtelligent.com/csync?t=a&ep=736011&extuid=4bc5d70f-ba3d-4e84-970e-c8d441e962d4

GET 981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 1D4C 0
0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=53d07f38-a9f9-463a-96b4-ccde080678f4

0
404 B

404ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=53d07f38-a9f9-463a-96b4-ccde080678f4
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: Adtelligent
Etag: ec662cdd9d15c7b5
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=53d07f38-a9f9-463a-96b4-ccde080678f4
date: Mon, 07 Nov 2022 00:55:20 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 398ms
41ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Nov 2022 00:55:20 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 106ms
36ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53572572-5&cid=886186701.1667782520&jid=656127831&gjid=1005143042&_gid=1730227377.1667782520&_u=6CDACUABRAAAACAAI~&z=1400980126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 106ms
37ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=565238902&gjid=741909445&_gid=1730227377.1667782520&_u=4CDACUAARAAAACAAI~&z=257061894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 105ms
37ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=916984414&gjid=1431693395&_gid=1730227377.1667782520&_u=6CDACUABRAAAACAAI~&z=1978906411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1667782520051&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1667782520050.534887747&it=1667782519800&coo=false&rqm=GET

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 00:55:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299481/ 2 KB
1 KB 306ms
225ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 571d98b8be6a0ea6d706616d281fd6e46b569e9432f0d8eb0e21cc9c64fce257

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 09 Nov 2022 00:55:20 GMT
date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: gzip
last-modified: Sat, 05 Nov 2022 12:01:08 GMT
server: nginx
etag: W/"63665084-8a3"
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 246ms
50ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 249ms
53ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 690 B
387 B 176ms
94ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3013276566603812&correlator=2516172747661764&eid=31069354%2C31061690&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&sfv=1-0-39&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667782520170&lmt=1590667965&dlt=1667782519283&idt=841&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2887&msz=1920x-1&fws=640&ohw=0&ga_vid=886186701.1667782520&ga_sid=1667782520&ga_hid=153317570&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23e19e517b2d938bcf2fbfe1931148804a89822869068908e18c68015ad4f25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 356
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
313 B 159ms
77ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3013276566603812&correlator=2741904377041351&eid=31069354%2C31061690&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&sfv=1-0-39&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1667782520176&lmt=1590667965&dlt=1667782519283&idt=841&adxs=0&adys=2888&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2887&msz=1600x0&fws=0&ohw=0&ga_vid=886186701.1667782520&ga_sid=1667782520&ga_hid=153317570&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77e1eb556e5b144b37d63f8bb16ad5062fa01a55e003038c51464e2ba968b2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2FF3 6 KB
3 KB 161ms
48ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
expires: Tue, 07 Nov 2023 00:55:20 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 225ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=886186701.1667782520&jid=656127831&_u=6CDACUABRAAAACAAI~&z=1246351684

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 230ms
57ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=886186701.1667782520&jid=656127831&_u=6CDACUABRAAAACAAI~&z=1246351684

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 225ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=916984414&_u=6CDACUABRAAAACAAI~&z=274275426

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 230ms
58ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=916984414&_u=6CDACUABRAAAACAAI~&z=274275426

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 231ms
58ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=565238902&_u=4CDACUAARAAAACAAI~&z=157441364

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 229ms
57ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=886186701.1667782520&jid=565238902&_u=4CDACUAARAAAACAAI~&z=157441364

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 88 B
890 B 377ms
221ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"58-/hSBaI8EP6Zq6lRnBN3lI05bllY"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 4 KB
729 B 31ms
31ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6c7003d5cc097546b5da1801aec020dbb503041e72947eeb3be60dd5a36bb4db

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 07 Nov 2022 00:55:19 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://buhgalter.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 418

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 258ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Mon, 07 Nov 2022 00:55:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
565 B 264ms
125ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221959248e909583f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22212c2b6733d1179%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner%22%7D%7D%2C%7B%22id%22%3A%2224f0c6c516b8a9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom%22%7D%7D%2C%7B%22id%22%3A%2230362e7f599abac%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner%22%7D%7D%2C%7B%22id%22%3A%2235e43b040b4135a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner%22%7D%7D%2C%7B%22id%22%3A%223660e5d361cc41%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2288f13056-c0f6-45ac-bc15-03baf473f259%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651e95847f7d32216e1b69015c052faa01310a0fa73cd107220860fdfc20e406

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzGTfdpVXOt6QPAdFTi6IZQY5FGtEgnt5uCV9ghAspynyiU%2FVpK5jIgDu5i4YfbhRdKvFYiaWYeKIMWcdJHwjlkQDCxTuCtN9QELiWn11tO7mCjWLoh4hUAhjc86BWzrt0Hq%2FX%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 76621a504a8d88b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 310 B
1 KB 284ms
124ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=2ae91f01-59b6-446e-b6c4-94f88c5984c3&l_pb_bid_id=3908caae3c5293a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.3813348292482779
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e3d9de01673e8b1a30b38ff593b53f5d82833bcd0e8a6beaa4af6fca5c41c558

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 342 B
1 KB 316ms
156ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=99476348-70dc-41d8-8e80-73f102326031&l_pb_bid_id=404d9bcbf00483d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.02623061371126667
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 96b81dae602788a05effa934ca7986ff554bd40697b49f0d074d8c52ede341b5

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 342
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 340 B
1 KB 1282ms
1123ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1875c4cb-bae5-48d3-9bdd-75df9db9bb56&l_pb_bid_id=41acb7abd3cdd94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.9223775318986958
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a8080b77cc159de7699f27a85b3181b1eba0022951d1f7c63f315aa0a541b864

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:21 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 340
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 301ms
142ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=aec70faa-892b-4e0c-805c-2fdb097cc3d1&l_pb_bid_id=426b80af15597f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.08963584732152574
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 90d8e64b860db5f3a92910feeb47cc539b732f1eb49376e448dd64e3f9013750

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x...
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x...

581 B
996 B

36ms
35ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=88f13056-c0f6-45ac-bc15-03baf473f259
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 00:55:20 GMT
date: Mon, 07 Nov 2022 00:55:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://buhgalter.com.ua
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 581
x-sid: AMS-937

Redirect headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://buhgalter.com.ua
location: /hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.519101693750263&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=88f13056-c0f6-45ac-bc15-03baf473f259
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 194ms
54ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=42466111033

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 282ms
61ms XHR
application/json 3.67.210.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.210.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-210-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e1425372c0bd837512dd7517bb0bc49739dbd3e61eb97a4ca4eb3b8aeae69b49

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Mon, 07 Nov 2022 00:55:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 49
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
743 B 172ms
35ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
AN-X-Request-Uuid: 7845d731-0a6d-4cbd-a0b0-9eab18923b8b
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://buhgalter.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 176ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Mon, 07 Nov 2022 00:55:20 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 343 B
1 KB 1261ms
1111ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&gdpr=0&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=886651f4-2d86-4996-a1b3-1a75e4fea152&l_pb_bid_id=73e06ba1db8b0d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.6045160146995425
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f862e8ce91086aaf218a7dad2ad925eda30a52e91352744b3a193e1a979b0a21

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:21 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 343
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 311 B
1 KB 1377ms
1103ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&gdpr=0&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=2ae91f01-59b6-446e-b6c4-94f88c5984c3&l_pb_bid_id=74fca5d11451f14&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.15476953962127982
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8a19f12b731e36db6d78c0455a6fb759cb4b1019efda788a89a6f748330e5fee

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:21 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 311
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 502ms
210ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=99476348-70dc-41d8-8e80-73f102326031&l_pb_bid_id=75a704df779543c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.7220847937007908
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: baf4d1aa5f87c1d3b95173cfaf7c1be2abaf406aca3ed11992d59ed294ef31d2

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 321 B
1 KB 405ms
98ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1875c4cb-bae5-48d3-9bdd-75df9db9bb56&l_pb_bid_id=76909687966f481&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.3857558954130056
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d445f72c0b1f543531b8a607eb045b0a22521a33bc745e7db574822081a79365

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 1510ms
1105ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&gdpr=0&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=aec70faa-892b-4e0c-805c-2fdb097cc3d1&l_pb_bid_id=77a11f552d1a2c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.38343044752124245
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c1657f7d278d39d8e8bf7041a3a49cb6f39b13119e388b8ffe6a4f94e9d97fbe

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:21 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://buhgalter.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 184ms
52ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3c74cc19975b79ddaa3fb1eda4375e3f6f8b6e95280efa826485eacde38238f4

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 225ms
92ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 096a1fd3254fc42817c4c633d6a201862b3712f06836041523a6de862d37875b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 182ms
50ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8173e00067&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3954c072b8ccae5186c1cecc9b6e4e1552d9dbb32a88fd772e4d354e61dc1bff

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 185ms
53ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 477f6940fb583ae0905ec9ecafb6487eac6bd16ab264572519030c25c5e4c4bf

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 183ms
52ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3c2c212e12228ab63bc14f3eacae9780501d66b7cf9e981252b52ccfc65081b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 184ms
53ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: afaf0cc0324afcbb874fc9f5f09910b261023013f12f829f8cd0c30512af8dac

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 185ms
54ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 886be91a01119208c9cc1a1ea2ed933d7c075f1d89659d21823d139f75507fa5

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 183ms
52ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad8103460074&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d70fcb40f836001ac6d087dd80390fa48bf954e337ea319064b798d9958d7c8f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 218ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad829262007e&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 24d18d4fc17a28fc09f962bae64be4acf0d0a38e6443ae308ad64eb1a22fe2ec

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
124ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 83303b6433a288df8cd75c5def273e30123f4aafb674b9d1c90c5b84273425d3

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 217ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3a2eb5bdd4ebebd44b01f9835c1558932f68cdf8794d5ff6f4ef88b988d20be2

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 252ms
122ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 830c492faf4a8fd45323fc4cc866f1d5c77dd3d3d330a58842d1dd07fa6f2676

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 221ms
91ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fdffbf78abc7d7cda412843cc7a44689f1f03fa27c085e3246bd08975a906688

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 216ms
86ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84e4b00081&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7829988b563456c6175f01dfe2a83226f4f92e5c3375d380843538cd7025a6f9

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 220ms
91ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5d9d6ec7c41585e96ab6ea96934ff2dd16785b537ee1e1c73cf9ea2fbf0979f0

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 224ms
95ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f9700993b93e875b84bcf02e5ed2be7f8a3d30f073c9ec929a00de192c247996

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 225ms
96ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e4bc48c05d48842ca3875e39b1d070f10c579e57834e47494d27276af60ff2a6

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 217ms
88ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 53f64343db1ef6abfd36c823fbf750323e5209120aa59a5ce50afccb3fb2dbd9

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 224ms
95ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9954936e02b683773333025d253980050ceb542347cab9395912bb82f98ee147

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 223ms
94ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a382434a37923931c10946c507330698902a876d4a9f27b2ab584ef51173a253

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 222ms
94ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2075b9bb7a326a93084593989a0edcaa4d64e579741df7efb8e842ee56930499

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 223ms
94ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 96d2e5e87903e7b623ab5286f09fa34daf4ed6dfa8af3efb1595c51121d9473b

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 220ms
92ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 797d07bd95a6bd28ccd62afa00442978b2e78874f385b12e235cb9fe4aa860e2

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 258ms
130ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 28944c23ec8eef8e3f1bc3f8dc145623c5d7c10c7b8909006681229fb86687a8

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 221ms
93ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 835bde703fda03992fac1cdeaaa672dde40be8a46a68640bb7cfefa0639710ad

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 240ms
113ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 50112439d2836bd2c991492af692b8935bb06b6045855a60683474cd7b5558ec

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 213ms
85ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 641ffe72873f12017fb86aaf780a09ec9a0b7ae276a83f5510960dba130eea47

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 222ms
95ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a7db669654ce495a1fa505a2b97684211209182f7c103dae0c2f611c1020b1d2

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 220ms
93ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 65050eb8b9d9d8603c13cdb97ff40c7964893046ae304654feb30d98bc128647

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 219ms
92ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e5b33f5be41fcd2f98f846f226216e57b5b86a3fd9bdda198bd36143fa282cc3

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 213ms
86ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 11b8039f67c83221d338e7df04a5517d18c2bc1711d092633f902019ea0c700f

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 219ms
93ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dc47f31e1c5dc6cc2efc59fbbe537072343769f8cf1378d7b0e110e4ad3b0892

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 213ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ec000cc0df2a0e65abe1a1fe11c547f7072bb92e52671bd741605634ac530d37

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 245ms
119ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8598ebb5ec244f26b8b287ec7c79de0301a7f7d3b6b17ca7aa5099a10a64da49

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 213ms
88ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad851b23006c&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dfa57ee471aa3e24aaf9c383ad55e34704fa0c0f6bc918413c6b57d13ed961cc

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
85ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fd159884459d6b0d0cb9173afc37b4ece971e711b3035ba95447f84acfa38ff5

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-allow-credentials: true
content-length: 62

POST
H2 200 z Show response
s.zmctrack.net/ Frame 6557 102 B
451 B 71ms
71ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d21e8ca19cb63cc85e4704f1921c06fd9e035f04b26e9c81f98361c3199d77ca

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://buhgalter.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 37ms
36ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://buhgalter.com.ua/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W5QANDTB5EC0GR8V
age: 545592
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: 3MG11YceOd9oD3VbfGM4/BG7w+/+uJoc/ZlLwMyBckI2VpzfxMi/q8DyFYzoGLYQ46IDl3SH6FE=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4O%2B3Pqq%2FDNzFRMVPdwLOkV6pCgcrjr9tI4bPO39EvoDis%2BdtUZWWqqfAmV3mJcmeTE26HBOooo5eSupuS%2BrE0OEEWtDKyvsvmPjQxmy54BG4LNJraGfo2FBJnMtIkqBTXm5oOBpjBRcNYJNu4PaSiW9"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76621a515e82773e-LHR

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 489 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1000 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 1 KB
1 KB 36ms
36ms Image
image/png 136.144.183.196
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.183.196 Haarlem, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-183-196.colo.transip.net
Software: nginx /
Resource Hash: 40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:20 GMT
last-modified: Tue, 13 Dec 2016 08:59:45 GMT
server: nginx
etag: "584fb881-490"
content-type: image/png
cache-control: max-age=1209600, public, no-transform
accept-ranges: bytes
content-length: 1168
expires: Mon, 21 Nov 2022 00:55:20 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buhgalter.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 362695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 20:10:25 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 72A7 0
15 B 41ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://buhgalter.com.ua
Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://buhgalter.com.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
227 B 61ms
60ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Mon, 07 Nov 2022 00:55:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 135ms
51ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 139ms
52ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 150 KB
55 KB 549ms
549ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3013276566603812&correlator=3888615110343182&eid=31069354%2C31061690&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&sfv=1-0-39&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dbb33f1411e745320%3AT%3D1667782520%3AS%3DALNI_MauSNwu9NE4Cy5CXRSSRBhrgP2wGg&gpic=UID%3D00000b7daab5ced4%3AT%3D1667782520%3ART%3D1667782520%3AS%3DALNI_MbnUy3uRGi7_7zWH-NLjbOR7oUimA&abxe=1&dt=1667782522215&lmt=1590667965&dlt=1667782519283&idt=841&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2592%2C898%2C1233%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=886186701.1667782520&ga_sid=1667782520&ga_hid=153317570&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601eb4a892c3dc6894730d4256f914278188b7f7ffb209add115a3788b5afeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56422
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 122ms
39ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 00:55:22 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 110ms
37ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://buhgalter.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 00:55:22 GMT

GET
H3 200 container.html Show response
b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame A11D 6 KB
3 KB 135ms
49ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
expires: Tue, 07 Nov 2023 00:55:20 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6B14 6 KB
3 KB 116ms
48ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
expires: Tue, 07 Nov 2023 00:55:20 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame B648 6 KB
3 KB 108ms
44ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
expires: Tue, 07 Nov 2023 00:55:20 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6048 6 KB
3 KB 101ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:20 GMT
expires: Tue, 07 Nov 2023 00:55:20 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F359 640 B
262 B 144ms
52ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8CE1 88 KB
36 KB 230ms
140ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlTO3a7MK1FbWR5KUbOXfE9oQl0nwaeVA-WoGcWX7ggNh0_jqMtQ18Gqx_Ru3wGUp7C3Vq18pTgUo-tg9T0i61W5a-xyNddK0ZL8PhAKxjhh6TH1VBpFpX9YX7o61B7XjwN2hBOkTM23DGFMzmfEEmHADmuVsDhvjqDBTxY2YI0lg5irc&dbm_d=AKAmf-AHm7AEMb4Vv0ZengD8zmY8_ElbjmCAfcg4b0RfXJoAfvBuFxzJu1nV_7rM0FaOAwAQ_S0SIUnytLFbtLt75FvlQE3W98aRyNmKhqLmlytxc90CY7hkZiUbOpgV-OagX59lAtwro8x-dUt08giRnZWMYJbiuQYZ7Mh0goLWhVB6a8cVMuYsREcyYOdN5bRYNewxnwCqZH6xfAK30PjG2QCO1eytfTshsxBHjh3p28v-6wE5h6E7A2l0eXZe6SAcVGgyg4bSKuoaR05jelIokYM9uCuoMjdhWvIh-Ti2QDHFB9Y6R6bK77ULjoTKkTXKp4R_8nMHSsHAz9AwF6IIzN-PcN2FqZhVjaS_SdflymWekMBHo3YMBUAvABOUgARVWQhIA-90OV70w-TFElIqDVZxHTVfkNuPlmRup1Ztbn6caQnqcUtBBOS6MXwosmptgIskL8juGjv2yGPhEb7U92D9KUXboY1q1hyBoy_6TD6pSyU8ZvFSVSuQ5PTv1tWb3jQRkGcZNGwQieplEmq1HNlrpJIVHiBpt8Tm9iHIUUE6I-T1H_jTqRwc8tMZvqtxgF14FCVJjOw3FK3N6eCrId08vUD-LKrIHac1_BOStBhdbTGEHhr2M8RZjJXJ3vHXfW__klz_zswI9OtnPDG4O2PQIEq1oUXmn4oDwLHPLjvhTC0XDhO1jAEm_DbHzdeY267djiR8g35wzjnmqsEznKlrtzOSD4vYuX7Pjz81e75PmapAHFCiPcnAhZcmTWrDd72UPgRQ0g-kZ4-GqcD1OeF6uPSkerehJng0tjruYe6avkH1kBI99Aelsr0EhXfMV_-krV4hdeyn0cfACD2pudR6oVo0W2VILOKILZ0oE9TljsaVwgnxq5MSt8Jll4TYIpi4Vbop-uW2LOCWDTK8kRtIN0-fjnshfhsXgB1euhVuxjmLfhY1eoWHxL19MAORJ_pkrGL_Lez3rMsoD7Tho64KDB5m5vfXhJntnTuo36-zGlWDbMUyOOjRGJQSOOXZLsQ8gCIi4RIhQqoZCNWfUBPVvfBtx4aaqGL7lefi93KwvimbBN9xX5k7QJdDt5dsAwTjFKvNoGbdOOytNBP5q8DjI2iKUpJcVC57dRJ3QusU2z_KEyiFYJHLiar6Lp1t8D9m6fhPQhO6dwFHTMDwNneKYrMeKAlbp8yPe52rmBRHEEg4Obs7EYvFBnzf7epHOxYwWiloYX1epyPMsy4Pf73UkUsq8mm1omc5wb-AUpsOw8IjsYxd_5i3FWIy6rf4rKc3XjRnNY0TuQeMusHyeFciqNvN0UVM-YIuvLIasyhwN1UuxASaIm6BNgmMvxJj_8RE_l1ePY9vKaZayPtpHIC0AdtJ415I1y4xAfGZ4TDfWVbEiJVRAiPdq18beNL4H5glqyKaGuQ0T7NdOpTFzC5t6QtxemlisOQycrDct6dz1kyiGZ5531Dl2uX-WZgSy7uDpUeA0_aa4I5w2J67pWRGTUyVhr9H-FoWMTx6zvChIuKUYBjm1C7Z1ieAkMNmTFJ83vMk03yjmYBFoEyF88QT0xeUz5csradk14-iZbEqBYSEGRXOqAvaKOfMSDTChkjtuz8NIpMQ7ex6Owq-6UeRtnK8S0Uz5uoOt9bQfkVlv48-9kNVpAD6XgZ90iQl8haS5bY-lvxpm7PJ9evmJyWdfRKMSAje5zb_F21W2uQkbkVctEmKMZ-AqpVLBuKGImGFxI3iZ3th0PZNhDNqh2CMvY8EkPmhWD9qCMb6fgNBWF5_ZpPQUps9Ln1ss0Y3ltdhFu1xFyFk6f1ZAf--dYn7tbr0sd5Nkmf2zG2sMXHqZFPMnUflL4CAKOftokHh6XYP62Mpdxg0PhBrIRwK2vTmOApGRi_6sPxB_RTMkUn2nuz_W5Bj51H-51fE-lnU8b6bNGKNCRhtr0vl-jPR5aCil3vNRCVoL4svUgMg91c6OsK6hf0Q0whdNqPPZL_Ry1JVpqjV4r2Bh5COOSBL0Ycf0IvLJSMQrEJ4HTPIJ-El7Ayp1YZPo4KuHsVoNcJJA0o8UYTnZcJi2y4o1ScSzHhO7GEePQVrpfMdBVq9cCdFikZnO-0HVXBl-dtxxiXIgAXeKup5WVKpAdDQjUKRfZ2PP0fBdavfeir3W3W8M0gR6ncydDSvN6wFrguTHdcSWAXONNQXNNWpUII_ItLocxYleFcE30mmtIfP6Red7WQURvS8rj1ez_OVnB0KNHhLm1zKvShcQ6eh2-eeS3949snlkeh4xoOTvd-y3diOybXXATlf86hNugzZHboUGdPYkin6TijDDjD69Hjagb4Kg0ZH_NokQcXNToY1F49JZ6C4aOb0hME4G3X4MG4I7st6wfQK87ZHMI3Yzy_1S6SXEF2GJimw1Zmzl0qXjo7cjg3chzLNC2zVN89EqcyAsLS2_MjAxMOKyLBjmcC06EfjUBUs38unXgdNYxeUztj7CjmL_c3xegZIcvvjx3hKNeKOL78KPTUli5kAKBh6oNCZCx6k5ZrynaSeK9TVBxjj8Dj7OyT4DOI52jkRc6VVj1ieBPCzlJ-Mm0sBDnYVObXlE_ltXSASiC9tgBAAWpNAZlI9hb60jUNUH1F0eQ3Q6GN1GbOe7aUbftFmw_DWFP447JyE3kIBmJqDNwBgRK-MRF7IQ6nRh3NQK_aXaik5qdVipzBAA9p4oIB2qouK97GahQWmtvE1LzzE1wNUKgejw4vPOSEbf6jqfV7G4BH4yvPUfjE70usVY-FjUIZ_6jCADjaBi6PZF7Zi5LWH0ryMUQNWUDvhhtznPz7Ay2LmbwvPXlpDrladNARlL23IpsPGy5pwt041TIWFYa9k6vvGjK5URE1gp5UrNq0e6PRiIJei0--EU7MxxWpmRlNaBQ4vQjV2pbRXhHox8mq006gLFvg9KKSSxB3_UJCjiyU6V22ung7fw1KCGuVEk00uZQsBAPXZU3nN0PiV0ednyvVN25pk2mokSTiOuICr32FTBbb7rUZN7fWNm9cO2fKNvxURQgv2P0dl-a9h3hfMjf1zhVXZBW0nBBpBy4CZ_Fu7ZqYzpGmdfgfXN10lrBzXlDLItfZ_7Ij9zO0hF2EUc63LVLfdMN8Jeo7VSqpLoa4qv-KzReqvvH3d9maM3Px7ktgpZFR_uUkoXIv_2G9KGSqGOuBRYfKfND6a0mXV9LRkTd7IpeS8KbI1KzpKu0FDTnPxKF9PE-kTDgPaWtKy4Ylk8K9wFIPpK1LEfiwd6A7NyRvhA6ncrhb7anh0g_ZK7ETSKDhO2nYVYM2SLMpsOBnmLjg8CbM1fzA85cxqFuZ2_1ct62CdwevI2wEGyqhSZLkKwz757b3to2Sqkd9Eb4aLT16USgs9p1Q4b8CJQJLAVXU07PKII8_-qRnPK6QMGj-qhVHsxspR0bIs4D21TEQncwpvkyqH5CTyG2LAwE9QB8_SM2u2dZJRUvZoMIYUqfxmXHH072_PnWiZ78sKYmtA8m7LuB2yx4eEJh9rFP0OWhrAVg0ES3E0F3xnGKFEv0sTxsTg9v0u4cDVa4NelhkbUviKGO1ztT2s_B6Aov2aoQ6E6Gu_MpWaiS8Z0dVaDWIdFe2pr2wH0JmMOI79ZzxNi6NcdhaDvdREGFTIz7Y-qprY93qpJyBZDvkqQvvFwDDkJh4uP7KON0czqFz_Tp0Jp3IMvaGIVlAb6Mz0l2SAqr1-mN6TCRcWjrJCS5m-7nglAil-1i_E_gc4kxk-pz0NRm8RLeWpGER62AzP0vmyhnEB5NytjVdxEOXnkCKReB7sysO0_s0DxKrTN8Wr9dh72TnyFDsW8tg&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f44f1a0e536dcd68550cbdc4e2d3f900ef653c0baad9fc1933fabf2e057f250c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36515
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 8CE1 47 KB
13 KB 212ms
93ms Script
application/javascript 52.17.139.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15566740965&pubId=1&placementId=396800763&adsafe_par&bundleId=&dealId=&bidurl=https://buhgalter.com.ua/
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.139.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7beefcfa4e4cc831fcf9a5ef7d9888980014d0f2a080b20c19149c375b7a310b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 8CE1 3 KB
1 KB 179ms
80ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 20:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 20:58:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 8CE1 17 KB
8 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8CE1 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYMHjkZufUVbM7w1e19JR5a52wgE7S_zloAsdVF6ds7dMuE40ogaVCwpx7Il3aiCWF7mAKccFlgLQmyZG2FxzfkL7jjA
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CE1 154 KB
47 KB 228ms
137ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CE1 42 B
173 B 76ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWMePfrj8RbbmWcjdQtbS2gSeLKUq2rGCvZw9evmhp0GVMTm_NmfLWIzLnoD0ChbLb5GjO96BxQokLQthLoTpvKxT5hztJl4qELaS5xpKgIeqW06c

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2CDB 640 B
262 B 132ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 5F1E 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 18:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 18:06:32 GMT

GET
H2 200 4388038636653711172
s0.2mdn.net/simgad/ Frame 5F1E 21 KB
21 KB 132ms
41ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4388038636653711172

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d6ee7a2b9829027605dcd54b943d44244400a1bfb272ab4288ae4b5f128ead8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 13:18:14 GMT
x-content-type-options: nosniff
age: 214629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21359
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 07:45:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 13:18:14 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 5F1E 6 KB
2 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 18:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 18:06:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F1E 0
0 201ms
87ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstev0f8wzHmPQrSUaMlC6faM0zGsWRHWHiQJTlVAT9jEhiv0JEjEXZxjeQBcx5cGaPN9k-3etscDfwwp12Kn5ZOAv2H4IIUiKFji7jPRWMAKN9h-yzPXbtrwX_8JJ5LDmxrLN0juXsqu5y8t3d1-i0QXR-g7oVTLkPOwM-0FKYfWnXshsr6O2Lv0aL_Py5gak0DkjdAEgu84NHe17cMPF26dnHwggpQez3-hHPFUO-X33PcXpb1DZexapeVJSjUL4Vx9nOqFkNtB55jItRED564ajc2wfa7_26yB72Cowlu6wYpzDGPqOquoJsAzPH15bGVVCSWN9Zt-uJAj0ZF5MOI2rfFXS-_XuqSYkddP1lAg2HjRsefQ1cyjOsUd2MXlkDGvw-yc1JQunxCvlsr1c2QVuVTixCYXXpWGCd-YnFEhMKjGy7oX-JD-Vs7IrFmV6Kh0Odgo67UEx7birPftpgGgzpMcNFVMSWU_KhKap0cCviqkfKXpM0ML85FTaXUbFkYTRN670oJvriJGeBPRj5udpZ5nWGD3stkpaK90POulbm6_ZIyJHeD1f76IIZFSdJnfBLG3OSL4AMgDQxk0ciBM2vIlXCoslJF4uxTT8Br0BPoRVm3OPHBICjPCXb60ggtgUmcQ5b5_Eoa4tZFAn7CvZNA_cXy1WxpXiyDeBNOaS7Cq9YPN8Yek3fUiuODSQxan-_weF5AyCZWYhR-OPDZUG9aK_yZ-Sn1y_Hw8gjHztTRWynpo8u_eJj_7ZExo488HwSk4GHSvb5PMWI5nzAR44TRQsI4ACEhnjOybWQuST_YzMMAt8Ebi75VLgXCfxXkhRQg7W_2x-e_IIP4aKX33qKklEbVPfEk5VUdEuJOrUmYHaLpXt7gGUg4C4rlb7dSs_znctDO6LnPNk62EQTD59sv1CY2ODVxbGGpB4l9f--M9MygW3MDUdUbeX76iPX22l2jb5ZvKR3zuQZu7jhNX9ETJqi4ALAGr6cJnMgW8YzX_fomkPTfiDoR2tztF8EnPR2RbqUXUojf3clkjNntW5c93MaGhH5fnO53xY15aHUV8Vt1yWgpC85oywPoEoToxcxY47lJP3t-d5a3EUi7j0342MWx9oPBnsjCvDBD6QCJdRiQ9fJwfX4HELOHLqvWRa17RvGGWDOyjUzrFkBH5sqH450qA-EfkUap74R8R5hoUW-N9hsgIbL9fisj9lEW5Uua8CSnBUtBhoXYauuWu6oXQb1AAcx2cTOdQHmW3RaQrsTkOF0gTDLy8Kt1Ydm_xUE5L7_AlzrY338B3SFv9tFlm2na_GcDsbq0sALP&sai=AMfl-YTwE7vILAeeIndjKUMJzx-aFSvTX1cgSeaiPx9xbLNkRdVYGb0alAub9jdp9jHihyr8YBwCd6FlJffal6ZrVJPnNTSI2NWb7cntrvTm1LqX1Yai5zxa3dQISSHQLhNAPkDhyXLs40bV-JbB1lpfSkEk8A_iR_p0_g_tCiqN4TYLbnYCG5T1Wfsn4RQoUrqCZCHvdwfs70kILXWuH36UGKvbBJAsm5hZUeY_u0gJ9lhus1sxmVVKiPPSLNqe2cYyVJrBc5vn4JF5P4nE2h4PcNkTgckk_Nc3oeSFWeOTsOiqFejuwE11bmZXYhUuVcMXH8rvSyQEKQz3mrgV3V735sa20sr92Bh8a7rg3Tmby3Byobalk4EZxlvtGjPHA-loyhfq11Ffjzj7t5Lpjb0JuSNR7A&sig=Cg0ArKJSzD-0iJrTAUuiEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221101.66656&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F1E 41 KB
15 KB 163ms
83ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5F1E 3 KB
1 KB 162ms
81ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 20:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 20:58:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5F1E 17 KB
7 KB 124ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5F1E 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2SuXfFJmoPC_SJ9HVKZsWmtqS3KHcATt8a6VbFD3wDRDWsdNaKXu3le8Y50TPVzLd1TS0Cmlxh9yz9eBhz4e-YFB6-A
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F1E 154 KB
47 KB 122ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F1E 42 B
107 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUFPTh12B1TmixhFY10js-n--cDTxuX0Isqt0R4fVt9t6N4fQ8fl7WLHJb41fL0P12_CgGRc5Dpz3eTZ6yxDZC7kTGBqNqTHjB_PAGEJLBxEMlSwM

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F1FF 624 B
242 B 116ms
51ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNXKOgQrHqJzjCC1HcfFt5qpA5PnP1bbIB3iRbt46E3IKeZZSsqBqqw7rwxfHtkGI3k2C27yS8xy_qr3osQWJk487W5zgB3xJ0dk2TNtFR5bCENFfNMSJHgVdnZfunFIVzu_nuG0W60BMhl-6wYm1sHtEwV9iqoPM704Dj1sa7nKPNqO_DQ

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6B14 72 KB
34 KB 144ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNNZfcSwRAm-PTOlP4qYvG10CC-mmB6gqGWEMJKf9jYlTM8ArryqpsAmSkSPgXHxOFfYfD976Yue9mTO0Kq0xYJI5Jbw&cry=1&dbm_d=AKAmf-C5EcUkOKZq68_Vc3A8tf-XH5t6_UdgoiGs9DGxD06PA722P8KnJAKUCaYLDgENBNrVpAEiDsP_jh8zL4mes1q0GB2FMByUiK7xGy0AZ3-dDirxyrYKg3--mazZrzS4_gOJNQh1xRXCGpXyFMaj0-y6GYIFOPF7FXIx0jZVJL50yvtogKrKXRJ_4Km33SftmZy4n4Rv7C3rH5cb1xbzOKglYeN5XdnlKtq5uA6gGxS8Dpx3BGWiamk7HLTz2Nkys3eXMUNC9tzGZ9x3f7CaVoEvxpv8bNNVV8S6UfZTllrtBxgMx2H0OD4Ep0MtkHCfyP4ep6oHcZP2CRZ9jAue-LJkzoOE1fIIfXOV7MeB-X7Zy8Dr_gLuac0zWCAd_FUaS7fzWSQq6HtgZE2t7u6OLyPSxskZkHm8BwBE5RXFeKVi3U9BUFZCdjOQ21DwDpwewxEMVXyN52QNlAZSXXHfk8C6FRa4O7_551NVidp8PcqHyK_jE_C2AqruW-K35OwF4cBv8Ckqxj97r4iQgeiToWn8ESXpcE3wjddwNUBDsHqp9B4wM99FOV8VPmuMLfVn4v-42pFokjqi78pGSJcXEPv_CTCg_5mxtEC0L6Fv_QN5A5XXBGHLgBayehm-AaEvoMauic2_87lnu7YiPDaNNdGU_uXHBluQh7DtGJiGAOXFR6PUDchpXuZPngTJde6ad307gRHtofgGO1loEq-CRaKQK3TqFH8E5qZ-V3l2_2Nr0Wl5XQNpw8pXBiwt1CXTpl6v5u7bh8iCMobyLUqiYcKbYu0lENr_pb9DuMC4Gi208fyO97aJF8aK6Twf7MpAgHd9apIK2JvwymWUS_h89goHgeHVb91I9iLc_JWWC_O2g6a4QBcnfaok0iAW4zKgOcJt-75gCLG7g12NP_1znfDkLUFsdpVs7KXuhimIDEL-aVtiAPaOYd4nkS20GnWUqDJUl1_R9lmap79exVOQfKd5HAanxdFHONvAGi9jE7DWvK7HZwXQm6CjR6q7h02wFMhi9SyRsS2lkQpnTx4f94trav99EZR10OQOyL0m_J4Pts1BzXAHDKauUbzkmYi1Xok7rsrXg-t1HC399JrxIs8VN7vjcOrDqqusIoL6QHF1klDIVcefKADvNZfIKCU4ix7HqSAJWMNe8Ky9APxqKi0YqW4SsHxgc3lYujeNSc1YfJujcoA0O7-YpiWwVrfLCwqRQp6uuz6Jadu6-03BigB81Vfs5iC8Ksj79uQfziu8TG21QUbukJ5pPD5EKEiy8PnURRz_cNTSKM2zKC7ngbRUxVN_jyLFYsnoQ2cTLlmQuxmLAD1cGue2Cy4513tBAs6P_BiiEvAQ0sabe3hvvaMvFRbhZiPUe5bZCcI7RH6K_nJzuZ3dBTrYifRD33IzJ5L9WBDaH8C1V9cgGszYJMOWfCj1prDGanqFrS6L0MbP4gtjKoSpy4S3r1mYIXlCccrF6Ch_dGJ1MVBAROPOQa0kakFiiz212o_raE1aJQn_iv6mIZ9aSXUYuuwECLLGRHaU_wk9nk_TD0hhtIeXJsww82mGe_VBUp3PZUrMQxzpz6Suv5OCArMWYyTw1aJJoPlLKhwYOmnAeXn4IUMed0SvZj_G0mc6p1Sccqoj66y2bAVtQbqvbKov7MpopJI1E30LoD8xECzVtiaB0ld8V76h9n9pNrE4ItWWsGBARwwQgum8bIc1N1HnXvUrjz9CB0-VeVjzB0ifn5Tahc7qhrMwF83XWEdCEh7Ry6_oaqyCIxOmqlUUbFNp--07i_GjLdoP8ImZ55Fi1CpPYjIpVqKJqNp12cCbYwFYzCoSJFOcNHrruck8d21mBjyJB13kGjc9P5DQ7EuqC7aj0QU418BKbGoPPUyV-5V1QGtQkqZlR1uVkc-s__qxksck9p7TS1yKfV1bnFz0hKiCAewDTHAdemrVtDEwrLtRzM0CkpUFJGaWBVJU68syV4-LPUzHNQ2MPdkpHi5IwTj9Y9YLGjjA-iknq1NhBhNXD_KD8g_wEQrHZGcyV9Wg6hMtjkWGMCon7uF0OOAaktOeko5Bk3hFBC4pzw5pFiEZtYWyvY0VIYVO2WX8ZC-xaadbGiUaPCfI7rCRQldyKdBRMwRHduf_1QVPcDnncuJ2Eyd1ZXNNVm9Y3YyEK4ZeclQDJg7th5oan3DdK1kiqJR-AwrJbq7lFD0xvFfpCcILWicoDNrlCYGtPWCvxkOV_iKkoV9qwU074mfomx7RuCElxau5Us2ooHOWLAWzjWFFc3THb8PF2cWCCbn2a8xSgq8snMoTAskry3Ek-O2H-585Vsovs9cNErH4W_5cknvL5K4xGCcjcnm2IXdQESx1Th6R2FWVnehIRRfPI6sXZlVQtbxyvjhlZ5iSWovDuI86VWL82LBBLDvdjdx4MSQyJ1JcDvqcQQqtmtljOO8_emXeXorrETwPCzxGfug3kAgG-RYNX1SRHNIbxZPkeF8j2mx7r_0zW--4n4xABQ2pCCpWkIoZbbefhhTGaK_xp5BweWuCHkl2C_ESAmGepwBNUzo5EkgrfeCAMLLec2vhjmM1vLaV9jLYg4ETHF15ZsVWD3BD6b0tsgz1B7K4hTsgqkbLByS31pBgFzUfRe1XCLap9ZRQbtrHMNabxovnguwhCTUa20lRQXbs2BETBvU87BvRMMy8XRdzWSmwGQ7j4eMVGqRzb6myaEg7wI3fLNQt9Nc0iqI6hIqT9D6qV1B-0ZMRvE3TDpLCLzy_B_XerozBpIN0RaGouz9gl8yIIdYtt1AQbyYe0kcL1lQt5LHw5xztzprWue6S0aj2ZOo9B-YZpYQFGcH-i6My4ci647-aucldqBtxa5QFjMJ9OKRHLQ5Xo_FftpgbZoHDT7aDtsRk4KfX7lWhsD0_aS-jnPIRhkBcQXFkLwcKYhHyhmDBloE_8mck1GKDp7HI4prBhFDP-axE1hDHiEoH7UYdjkEEzxGL-53rIkVYp0pkjkDdwDXa7XHMZ67xjF0AAURMLwExLgna7BjJ79HChNjNZ-9tdPZbkLypFpwxWhnvbrQemzKgZJGN2OmCSO9lCjspEUVZwTN3Vfbk8IR6he_uTdyTSnoV3_zHqf_jDMf4I4m9jFg3sc8i11QjL1-dif9Zrbs8KNSTSyBdYkZuU3NiLMvXBGb7cEG-cuZSH94slE_DYow4PezIbNzVtETP5lMRTDhwmcNUvTUnSghRSvqs-o8YpQLft67c_A91g3mJvASWz9xiOthe9H6qul5bN1qoUB2_GNxaEcRjmlgKJ2qTEup_W_Of6MU4jh62POuhHadg6jg24kvYwRYsrFTUwqMtShhoag8HzR-gvz7RwlqU3E2A_Km7ciqCakAl8O8M74uYh02Qyj7yCuACy_3pT-gGfnRIzJCgx1te49yxPsliCbE8zsfCf2gFLzejM6bkFuKT3x9hi38h5ssyE8ZqBILIJpOM5o8OLxTWbBffWbnS75DofIwOqGLNyMZihNekzdPlhHtMA1wf3AXam4mrY8th00DzztTfEWQFGo-r2b9QhHgQ8cJFR1gC7h4tZkIvqwKn6c58m75ORAe3opu-WN0B-KUB-qj_m6xUJeF7L3tTbX2PncXQki2vrYBr2X84JagIWI_ySKdjUaxd0uyvjR_Qh-ptgsN-krMm-uIu0Oe3H2CEISLgZV7-bvZzUwdhLpAxYKvQQ5PjJrV3sDE7SyYsRH5Cne5RZcHtNmMJZqHakR8kl_7ikDT6bPmsNTmkmVcj8VxecgkQvBC_KbVp&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8beee01ceca9d3509ada8315d70063ff45e6ee95db336eb64d52b0358529fcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B14 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CyMBrc7a7UL2RMEvB8K6qnNLxR5u_l3KllMyVHLYN_8GO6iefceuKEKJ4U_7w6sO8QMidJ5TNvv2sFFK3v7a3nQsQ_D0criSFtPZy7Be-xQzVm6HU

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 6B14 3 KB
1 KB 171ms
95ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 20:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 20:58:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 6B14 17 KB
7 KB 125ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B14 0
0 48ms
48ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbtTWN6Qqk-Kv2Zu6uD3j3XqDRmJJJ-RkJloa5NWQ7hJmfyP5eM7F955ZUz2lk-UU8eslXe0DufNGdVNZnVQgGmFPjeA
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B14 154 KB
47 KB 147ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9561 624 B
242 B 111ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGL6xhMYBMAE&v=APEucNXAdF8vcp9ioi7CVRiU9BYWs101lfU8XYSaeroZ8m3gVU8wABpwajg-IdJm2aAqTytdVTDaze-tLxeKO_Yql6hVZfsU9kkQn3oBK-qGr4wt2syjEgqDrEz75BHi7Vy6YUUbHhJiPr4ajp7-rSG-hD_pLot4uuLzf_E70sHoMlKd0k8U-lA

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A11D 28 KB
17 KB 178ms
117ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZNBWmm_INEHrhpmFi6xDtcXkmn-w9FKBmo5Vswka-4PYsCY4z6SzwgoflhyvYt_DUIcecL8bt5Rpl-nBYh8a4cbAiSD-hiNsF7ZIb-CXJHP5Wgn10FtsI8xFhPZlr1nWLHlS1cmYtHzEQdQS_zHslFZPuWcXPhVN2PhvHODAFh-96YEo&cry=1&dbm_d=AKAmf-CGzvFIjcDEDP9IMrzdbVIrpkpoFUquaT1eNdKi8zKlTUs3e2fKJklB9wFqGPCYcUNOm0oUpU5ZNYyDvxmWeSLvO0QXOxycXYHW_6UDe-duMFfi4S1MPaNAFu1bBNNdyODgVNJwRsQ_AiXyQIt0LoNdlA96EstnKpHd0IG0i-iSjleAxP9VihhJff9LcJjKSJ_wfRuKv2dfZ51TqFvVjyLqUpaQAnAbYK41Q70WIfkGGxXI2w_L4ik7RwXUH0pbioKuOuIGRJqksgkO9fxH7guby16OtRzCOwW-HchuGuPqXSluRZMmISo2gxJ2nFVcKxKmCHs7Q47u9b-vzKeHMb1xLNsW9hDVhUai4XrMXNeUKOGFUkERR1iNENZpcaYKyyBzTcCvUVBkTtCLkw0S-Sq1QrvMdR10N94QDvRtJBAlM1GuTSUP1AvFhy85f_l8qCc5X9l7IPRoZPPIdspavH1MttD3fNMs5M8Zr5_-lInmEb9JPKcisSDCanr19svRYfjZ4Hs770iJZ3zMOdozcJuHQsao6SgMmB2ghEbTIz5uvOGJQpRAubIKnlMEkhHBaX4_m2miKQZp3_ftn4Mfc1ARljRBIEPhQJOMICbvzibQsSQmStwd0hCQQV6c9Od2wlhrVAiqZjMeW32mnBQ3JdMeEuYBj6rEuWZ_LxUxVY2Z58r1rWg8jiqT123kY0Ros5xsBuELIb71V-RR9vU-y9fq-2vm_KhJC5zRhjY7-GDkQs5wVAIqVLiEFPizTAiyjgQ4kzcGuUa6S6yYQUmcPeUa6D9NYTySiHBjXkmcUdcbP5Xh9QaIcPmyQ1nZPWScMiPwskSXqKpTeMu0a9RZiWBZ7SCDFIUTD0xM-c4Ur_kC8cU6oaQPMJmknbiLRRogrp7i-7K4Dvck6EPEo7gsZ12GMsdcMPKql9SFa8pKyP-wmFi_GCZt9mBa0ekvj7njosqw6dyxIX012hOvuYNmthe3bjAtvIx68jl8WeIkwj8Sqc4dgfiEyOMlHcKNjz71BvNYhzo-ROdeLlJX6wDduiv-6mX2yMu2yZJhoNFug6aIbSHCQniLj5lm7oxXq1491YNrrJCySzPJZ6th0B41vDcp4b7mikxjNewHeLMZfm4ytp9rV_aiYuqWB8_fC73kRnw0LBdLBVRsIz54FBcBNTVJrgI0B6BV_XLozvCOSodne0usg-ZI_GwNrTxGH6rv97k47WfsrD4DdJD4YdyIlqNTyqup1XAAr4bSYF9b7n8y-KmkGty5nJ2BlJqYxeiRDwjBIr0UNh_iSfroepnhWgP2Ae1aLqcSq0YAlnVd_JXn-8KawouolF5ZrR8gl7enOp9OBvi3NEKLSAjWKSkm9pJsL5nbAjh6JhKFYO5jjak3cjgbt_WH2deEC7bhHZqMZTaOkkDN9UvT0uJ4DipsnarCRj4kU1xK-tucSeLnRQhl8McB94onMrqRJo1EMWufj1juaKCJ3RGh4LpYvvApEuji1KgE6MQP13Q5OxIUssJT5-F-5iRtrxtfdXuCb6F6rE1VKx3cdHLox70LF3ktnz079yt9TCI9QHlxIzMzz8otTcC7o-Dot6Z5Zz0ZGXocfcUR_TS0Us1lvIw16YTWp4isnAXTP6FfTOZpJWrW1rELKOkLaH996e8t7cPQwOiusE7Jkr9ScwXgXrpSTeRLms3eF4A6b5-j2wxF9sA1Qdi7tniZQTVqY2WuWYyPV5r-eNz_cWH_PiS64dv8AG8UpPP1k3UQe2jPryfpNafW1mhvyqYoVr_RKDiCfNPCfHB1iAqFl_izaFcNaGZT7VBhtib5rWFaeI86qmRnqgFfH23ruOn7UNXrwTJOhie_hMg8UlOr_7QFohfck48KmFB__IuFNkUr0FCtpgJUvgbM1vWxZnu0H0e8AUcmy7AO3X3WHlaGWBMK00Ut4Dn04PjIzs5HEhcBOxJmVH4WRXi9ua3KPznIA631Q4PfMokdhLO-AhvZqeRc6LBqptyJnmr8ZuZwdKjHSS9E9tjlXaAs7w6YVA9oy2eMW8DV51wIFqtDI7iu2AjtAfmKNssfIF1hDIZww6lLMGw3ibYkh7mql8wThdaXP64iNkrC9hv9bP9Y8WrdZQ-xwRHCjphMhFYGA9odR2G8rYHwqetuVSzAgPk7tr9l4WiAd4S-BfmbO8Uviq504zIQgXSIIUuUHtfiJKroOm4h0gCsfv8XaSbywYQMcHagmyPKAuDsfu35IJsfC7igEqBG4OSZtMJ6KXem7cWn8hAMWpDj5e-R9jwdNUvI-rsLLLRGowGR7i10Lf9mBYq45zgDGnNucS1QtVvmJcgZyrQYp2DbZM7GXtP7PF-577bP7t77zua8dzXl4OMne-WdKfORiLMKMm0b3qxIJq0rR3SvpTeEilckeC0kWwHWfXcIlAucSZboWJuH6LBQTgVR-EfCPmxv8RD97xGHCqQzXKUGN1V0mTxCCbF2W8IyvprM8I8zF_YrpdyA19eeOMQUyLFslEJEgdSfqxf0RxqAJSI8fcSXHj-msUxOG13oZROmO0A2unp3bw67DEPGtgLZQrCADpytNhOsXFCuVN6rPVdNA4w9FraEwOojKeGvvFwbXZQGjLUHB8g-GrsGiEvbtDI8x3syBM_fEU50BFwMkj93fg-aFfryStNTAEMFK8b1T8Nc0iGuWyBF9hRfGsjuU2djBPbqntHMNJjgzEohuwTVn9eerWzyxbePtO_8xta4eX1N5eES4qo7NJgN_tsDP4IN3iVNKcOqWcwOw_im2rU8tg0KCZSGVyRJquI1UW1b1zhRid27ojhDweHmU0-ukTrVRcdiAsUCggpuh_3-APaV32SX2dNjrrSB-7q5X07mYJP1hQcUtMWl8NdTZnoXz25skQ2q0QHdghXqTPz90dAs4PJsz3T6GTLAAoo-2nu47jBAMdncGawc1LY-AaaYoZLD1uqTb3v_EQpneBCjcqoQn2X7DJXcCIE5PpIZBJZ2w4eU4W5-1V1q3rHpEmiedJ1P7faaMaB6fZBstLKpvPfwrg6QonCAFICEAgAbzn9fFhv1E0qvahNW2vOK7Q07FIxjGQfnBT9Xo-fFCa7dt8yQWHfUQ_A7IQP9vocru8PJIIZQQGfAFrrkoOaUcIPkosdl4foIdA_Su7VLuMTNCc6ZEgTLZ_vm0tQZ1-fwykJR7v_NTBHu9aTXTgVP_CYh7lc-hon2WA4-wLieCCMc721UgSDjpes5ZVk2VORWPNcMNnuGKBdVMAohpaykcDE8QGFjCuu2sJJdnr3OJsYP66ZlYyvn7RUMKlm8aCTidpvTiyhGp10oRwE0fwu6KJ5DB-sciaVbLiQ4j6jwfBoF9PgK3Nku6bsri3Q4V6CbPhLN39tJisN0yPnKcc704rENcPUJJ_PFV2oSqYJJWyr47sbWrT5YgMxgPA5bMLo0IAZSsMk&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e388fe3caca4cf58a303f6eccf2c2a25f6ca596d0f8cfabd87788dbe3095ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A11D 42 B
107 B 75ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoPAEcxjTMSjUhpu8mMwVwSYNo5toTrRUo99IhmAzmiIVHswUydQBHQk9d46-Iy4tTCdxMMVHvLj7vI7LV2tgg1qWX5-52PHASeeMXPVxY-T7vMPs

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame A11D 13 KB
6 KB 245ms
54ms Script
text/html 18.198.85.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC-41veldoY8qcEYiQjuwP272P0AuL_NSBaO-ImqvED7Ox9P0IEAEgjOWgH2C7hoCA0ArIAQmoAwGqBJYCT9A2Y9cZM8ah2pqnmkQxT4KBi9o3cfB31OBTrM8THLooZPOo6ZT-x540WjvMxGXA8LkAbRJuXwg2R4zm7ws8AeATQcTAmvwPjEEh8uwp52DziG_q-D2J3HE8TWa5hKdLRrej7lx12dbCfU2k_mOTyjKjEvyzjTCt6umJeGiklIxso1vdGzqrgbAnyb4QRNkhWNtG5heXRhHWIiUatLebIdRorfRzQ166JYdaYoEZiWOYQ3-rdM9FYaDUcvbTzQhDaaNUqT8CxHW2PI1y2FaRXNf4ktDBXzR6IM-W5v8ATWjaAYgmcnlXj8oNKJnl9RxcZ7nO1byQzyFuVTpPIoQW3Ls8EO_ZX6FRhDEcoey6AraAGqFh1xjABLrrpffbA-AEA5AGAaAGTYAHvO762gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE_jZixHYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4%26sig%3DAOD64_29JM8uOrE1I_odwADgsR6EqXnDSw%26client%3Dca-pub-8618771545316321%26dbm_c%3DAKAmf-AqQkDtm_lUhHQrSY5YFf7AjHWFfZQ2TkKMQV86hL_EywVVs7bGkZLY1BTw9i9zDgSV9IW745BJOGkO06eP6VGbBiSeZaynDbfgGTKJF402px35ShBhH5qTd-K8Bayd3FYHuXzISPdt7KYlDfQRZHDeBB7OPGf8AQz6_OGGJ7WJg6iYs7E%26cry%3D1%26dbm_d%3DAKAmf-DQJ50D-NbCaZkTS9JoALikMxVH6cd9FPvNX-oXI1KEkH3VJrT65jDOgnib1Jr_ba3EH2SstmN3UP8Um_UmI9eilP22yroNcJZv6b-UGAjt0hJwCwI40psCgInuFdoUDJwxG1gIitCrfzyhsHkIrxL9tIrCxZkszDX88XoYgmkoNFZrBUdRlWthfwfPJX1GNNZGyT9Rcr5Z8A7iUllmRYqLHMZ3GPLdSwh30XAnfibsWaWze9GnYRQirTkCbLZj_mxoX8JjbI3hZSVBdKBZaOxRLyxbMiTBN_4jzJz3AfWKlgcscYgdl_aejh2zk7DvO0mlnobtMV4b_GLJxoJXgyUq9FolZmhkm5h7dJ8McAWks2kxQEBoBTOzY8K2ZCRgVgIAsJyMHEgvZZN9arZ6lok4oHD1FotCnC4YWebw2QORC433srvIxDDAzTAroB0B7UbQhgb8-i6VsrXKkSKBIH-s67NMHI03Q0qgmb9J2Q4B9pquqgmTqtqOK5Z8DR_PtfKT_WRI1cj8dsPl5kAfGjLQOpAYRAL_aPboBcRStKHM0bUWNIs%26adurl%3D$$&c=28&cn=display&pli=1077774931&gdpr=&gdpr_consent=&w=728&h=90&ord=[timestamp]&pcp=$$ABAjH0h5tAxJIIwn1PcneQDarCKR$$&z=10000
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42c805e59c5ad69eb13f463e81d6e5ccf411bab00019afbc36ecc387ee37756d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 5638
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame A11D 3 KB
1 KB 167ms
97ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 20:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 20:58:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame A11D 17 KB
7 KB 145ms
74ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 14:38:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A11D 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoe8O0chj6uN9_LanLcIFamk1CUN6NK6oMF4VjyZ_fEHuLIPUU7lV8fy6DKyx2uEoajcYVeCxDlcHaqJDKBAoGN0TELA
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A11D 154 KB
47 KB 139ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FF3B 1 KB
643 B 127ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 07 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

43 B
766 B

42ms
42ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNXKOgQrHqJzjCC1HcfFt5qpA5PnP1bbIB3iRbt46E3IKeZZSsqBqqw7rwxfHtkGI3k2C27yS8xy_qr3osQWJk487W5zgB3xJ0dk2TNtFR5bCENFfNMSJHgVdnZfunFIVzu_nuG0W60BMhl-6wYm1sHtEwV9iqoPM704Dj1sa7nKPNqO_DQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNXKOgQrHqJzjCC1HcfFt5qpA5PnP1bbIB3iRbt46E3IKeZZSsqBqqw7rwxfHtkGI3k2C27yS8xy_qr3osQWJk487W5zgB3xJ0dk2TNtFR5bCENFfNMSJHgVdnZfunFIVzu_nuG0W60BMhl-6wYm1sHtEwV9iqoPM704Dj1sa7nKPNqO_DQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F1FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

43 B
1019 B

36ms
36ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y-ojj1wEwAQ&v=APEucNXKOgQrHqJzjCC1HcfFt5qpA5PnP1bbIB3iRbt46E3IKeZZSsqBqqw7rwxfHtkGI3k2C27yS8xy_qr3osQWJk487W5zgB3xJ0dk2TNtFR5bCENFfNMSJHgVdnZfunFIVzu_nuG0W60BMhl-6wYm1sHtEwV9iqoPM704Dj1sa7nKPNqO_DQ

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
AN-X-Request-Uuid: 180f0872-d423-4662-addc-833c4d2503a8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1FF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDAzMzMyNDAwMDkzNzA4MA%3D%3D

170 B
188 B

136ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDAzMzMyNDAwMDkzNzA4MA%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
AN-X-Request-Uuid: e894fec3-104c-4258-b82c-1c7b38d4709d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDAzMzMyNDAwMDkzNzA4MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9561
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

43 B
766 B

43ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGL6xhMYBMAE&v=APEucNXAdF8vcp9ioi7CVRiU9BYWs101lfU8XYSaeroZ8m3gVU8wABpwajg-IdJm2aAqTytdVTDaze-tLxeKO_Yql6hVZfsU9kkQn3oBK-qGr4wt2syjEgqDrEz75BHi7Vy6YUUbHhJiPr4ajp7-rSG-hD_pLot4uuLzf_E70sHoMlKd0k8U-lA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9561
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1

43 B
894 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGL6xhMYBMAE&v=APEucNXAdF8vcp9ioi7CVRiU9BYWs101lfU8XYSaeroZ8m3gVU8wABpwajg-IdJm2aAqTytdVTDaze-tLxeKO_Yql6hVZfsU9kkQn3oBK-qGr4wt2syjEgqDrEz75BHi7Vy6YUUbHhJiPr4ajp7-rSG-hD_pLot4uuLzf_E70sHoMlKd0k8U-lA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIBjxMpJfdeXtO7k-hJo8VY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9561
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

43 B
1019 B

35ms
35ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGL6xhMYBMAE&v=APEucNXAdF8vcp9ioi7CVRiU9BYWs101lfU8XYSaeroZ8m3gVU8wABpwajg-IdJm2aAqTytdVTDaze-tLxeKO_Yql6hVZfsU9kkQn3oBK-qGr4wt2syjEgqDrEz75BHi7Vy6YUUbHhJiPr4ajp7-rSG-hD_pLot4uuLzf_E70sHoMlKd0k8U-lA

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
AN-X-Request-Uuid: 16e5314f-06a1-475c-b719-59fec939fca5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAuYradHN0A4y3duD50Yk1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9561
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODIyNTgzMTMzMzc1NDE4

170 B
188 B

131ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODIyNTgzMTMzMzc1NDE4

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:23 GMT
AN-X-Request-Uuid: bd319f0d-0453-41bd-9062-3951f644b106
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODIyNTgzMTMzMzc1NDE4
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame F359
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1

43 B
61 B

64ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F359 43 B
304 B 111ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F359
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1

23 B
172 B

83ms
71ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 00:55:23 GMT
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F359 23 B
172 B 227ms
66ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY--WavQEwAQ&v=APEucNUvyGYZxrkQMkijp0ZU6lqRbJKFP6NwCNYZkX9hnCmT1jU_vIjE5_uQfkp_TxLiIfh5ojg2J_rdgQpFM8BDUCBD8EzAachzD_E4VAMkaCIB8qlrANqGn0fpwodRfzuEKlA_kopurqwtnnMOhvlr9fqnLA0R24OPqLRswcCnHpTP-Tj-XWw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 00:55:23 GMT
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 2CDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1

43 B
61 B

64ms
33ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKjr1L3yX3QfqzWHsT8JPyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2CDB 43 B
120 B 105ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2CDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1

23 B
172 B

82ms
70ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 00:55:23 GMT
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKHBoRmJNz-M7AXC0m3QoGE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2CDB 23 B
172 B 228ms
69ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CEPztzbYDGLGk8dcBMAE&v=APEucNX99tYksgMGcS_BO7rjni9XIfdaX97ce0-5aOqPdqPNXxAKK-fHMO8I69phty_aLsGqTd-zPqNH_f_jv-zc4sxLIdUUi1MzlzWtF_CnZBUmoxmjjwS8VpzGq_2FuI75HojKxlag_TkJD0qMmw_lm7S3bUpySuikhmvAJjKjLtZHglrqHeQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 00:55:23 GMT
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 5F1E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f6dea341f671dfd5961526e6dd9583053152e70daf083fe40616f3b8a3e3e92

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F1E 0
0 80ms
79ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstev0f8wzHmPQrSUaMlC6faM0zGsWRHWHiQJTlVAT9jEhiv0JEjEXZxjeQBcx5cGaPN9k-3etscDfwwp12Kn5ZOAv2H4IIUiKFji7jPRWMAKN9h-yzPXbtrwX_8JJ5LDmxrLN0juXsqu5y8t3d1-i0QXR-g7oVTLkPOwM-0FKYfWnXshsr6O2Lv0aL_Py5gak0DkjdAEgu84NHe17cMPF26dnHwggpQez3-hHPFUO-X33PcXpb1DZexapeVJSjUL4Vx9nOqFkNtB55jItRED564ajc2wfa7_26yB72Cowlu6wYpzDGPqOquoJsAzPH15bGVVCSWN9Zt-uJAj0ZF5MOI2rfFXS-_XuqSYkddP1lAg2HjRsefQ1cyjOsUd2MXlkDGvw-yc1JQunxCvlsr1c2QVuVTixCYXXpWGCd-YnFEhMKjGy7oX-JD-Vs7IrFmV6Kh0Odgo67UEx7birPftpgGgzpMcNFVMSWU_KhKap0cCviqkfKXpM0ML85FTaXUbFkYTRN670oJvriJGeBPRj5udpZ5nWGD3stkpaK90POulbm6_ZIyJHeD1f76IIZFSdJnfBLG3OSL4AMgDQxk0ciBM2vIlXCoslJF4uxTT8Br0BPoRVm3OPHBICjPCXb60ggtgUmcQ5b5_Eoa4tZFAn7CvZNA_cXy1WxpXiyDeBNOaS7Cq9YPN8Yek3fUiuODSQxan-_weF5AyCZWYhR-OPDZUG9aK_yZ-Sn1y_Hw8gjHztTRWynpo8u_eJj_7ZExo488HwSk4GHSvb5PMWI5nzAR44TRQsI4ACEhnjOybWQuST_YzMMAt8Ebi75VLgXCfxXkhRQg7W_2x-e_IIP4aKX33qKklEbVPfEk5VUdEuJOrUmYHaLpXt7gGUg4C4rlb7dSs_znctDO6LnPNk62EQTD59sv1CY2ODVxbGGpB4l9f--M9MygW3MDUdUbeX76iPX22l2jb5ZvKR3zuQZu7jhNX9ETJqi4ALAGr6cJnMgW8YzX_fomkPTfiDoR2tztF8EnPR2RbqUXUojf3clkjNntW5c93MaGhH5fnO53xY15aHUV8Vt1yWgpC85oywPoEoToxcxY47lJP3t-d5a3EUi7j0342MWx9oPBnsjCvDBD6QCJdRiQ9fJwfX4HELOHLqvWRa17RvGGWDOyjUzrFkBH5sqH450qA-EfkUap74R8R5hoUW-N9hsgIbL9fisj9lEW5Uua8CSnBUtBhoXYauuWu6oXQb1AAcx2cTOdQHmW3RaQrsTkOF0gTDLy8Kt1Ydm_xUE5L7_AlzrY338B3SFv9tFlm2na_GcDsbq0sALP&sai=AMfl-YTwE7vILAeeIndjKUMJzx-aFSvTX1cgSeaiPx9xbLNkRdVYGb0alAub9jdp9jHihyr8YBwCd6FlJffal6ZrVJPnNTSI2NWb7cntrvTm1LqX1Yai5zxa3dQISSHQLhNAPkDhyXLs40bV-JbB1lpfSkEk8A_iR_p0_g_tCiqN4TYLbnYCG5T1Wfsn4RQoUrqCZCHvdwfs70kILXWuH36UGKvbBJAsm5hZUeY_u0gJ9lhus1sxmVVKiPPSLNqe2cYyVJrBc5vn4JF5P4nE2h4PcNkTgckk_Nc3oeSFWeOTsOiqFejuwE11bmZXYhUuVcMXH8rvSyQEKQz3mrgV3V735sa20sr92Bh8a7rg3Tmby3Byobalk4EZxlvtGjPHA-loyhfq11Ffjzj7t5Lpjb0JuSNR7A&sig=Cg0ArKJSzD-0iJrTAUuiEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=168&dett=2&cstd=0&cisv=r20221101.66656&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 45DE 22 KB
8 KB 126ms
42ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 221480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 6B14 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNNZfcSwRAm-PTOlP4qYvG10CC-mmB6gqGWEMJKf9jYlTM8ArryqpsAmSkSPgXHxOFfYfD976Yue9mTO0Kq0xYJI5Jbw&cry=1&dbm_d=AKAmf-C5EcUkOKZq68_Vc3A8tf-XH5t6_UdgoiGs9DGxD06PA722P8KnJAKUCaYLDgENBNrVpAEiDsP_jh8zL4mes1q0GB2FMByUiK7xGy0AZ3-dDirxyrYKg3--mazZrzS4_gOJNQh1xRXCGpXyFMaj0-y6GYIFOPF7FXIx0jZVJL50yvtogKrKXRJ_4Km33SftmZy4n4Rv7C3rH5cb1xbzOKglYeN5XdnlKtq5uA6gGxS8Dpx3BGWiamk7HLTz2Nkys3eXMUNC9tzGZ9x3f7CaVoEvxpv8bNNVV8S6UfZTllrtBxgMx2H0OD4Ep0MtkHCfyP4ep6oHcZP2CRZ9jAue-LJkzoOE1fIIfXOV7MeB-X7Zy8Dr_gLuac0zWCAd_FUaS7fzWSQq6HtgZE2t7u6OLyPSxskZkHm8BwBE5RXFeKVi3U9BUFZCdjOQ21DwDpwewxEMVXyN52QNlAZSXXHfk8C6FRa4O7_551NVidp8PcqHyK_jE_C2AqruW-K35OwF4cBv8Ckqxj97r4iQgeiToWn8ESXpcE3wjddwNUBDsHqp9B4wM99FOV8VPmuMLfVn4v-42pFokjqi78pGSJcXEPv_CTCg_5mxtEC0L6Fv_QN5A5XXBGHLgBayehm-AaEvoMauic2_87lnu7YiPDaNNdGU_uXHBluQh7DtGJiGAOXFR6PUDchpXuZPngTJde6ad307gRHtofgGO1loEq-CRaKQK3TqFH8E5qZ-V3l2_2Nr0Wl5XQNpw8pXBiwt1CXTpl6v5u7bh8iCMobyLUqiYcKbYu0lENr_pb9DuMC4Gi208fyO97aJF8aK6Twf7MpAgHd9apIK2JvwymWUS_h89goHgeHVb91I9iLc_JWWC_O2g6a4QBcnfaok0iAW4zKgOcJt-75gCLG7g12NP_1znfDkLUFsdpVs7KXuhimIDEL-aVtiAPaOYd4nkS20GnWUqDJUl1_R9lmap79exVOQfKd5HAanxdFHONvAGi9jE7DWvK7HZwXQm6CjR6q7h02wFMhi9SyRsS2lkQpnTx4f94trav99EZR10OQOyL0m_J4Pts1BzXAHDKauUbzkmYi1Xok7rsrXg-t1HC399JrxIs8VN7vjcOrDqqusIoL6QHF1klDIVcefKADvNZfIKCU4ix7HqSAJWMNe8Ky9APxqKi0YqW4SsHxgc3lYujeNSc1YfJujcoA0O7-YpiWwVrfLCwqRQp6uuz6Jadu6-03BigB81Vfs5iC8Ksj79uQfziu8TG21QUbukJ5pPD5EKEiy8PnURRz_cNTSKM2zKC7ngbRUxVN_jyLFYsnoQ2cTLlmQuxmLAD1cGue2Cy4513tBAs6P_BiiEvAQ0sabe3hvvaMvFRbhZiPUe5bZCcI7RH6K_nJzuZ3dBTrYifRD33IzJ5L9WBDaH8C1V9cgGszYJMOWfCj1prDGanqFrS6L0MbP4gtjKoSpy4S3r1mYIXlCccrF6Ch_dGJ1MVBAROPOQa0kakFiiz212o_raE1aJQn_iv6mIZ9aSXUYuuwECLLGRHaU_wk9nk_TD0hhtIeXJsww82mGe_VBUp3PZUrMQxzpz6Suv5OCArMWYyTw1aJJoPlLKhwYOmnAeXn4IUMed0SvZj_G0mc6p1Sccqoj66y2bAVtQbqvbKov7MpopJI1E30LoD8xECzVtiaB0ld8V76h9n9pNrE4ItWWsGBARwwQgum8bIc1N1HnXvUrjz9CB0-VeVjzB0ifn5Tahc7qhrMwF83XWEdCEh7Ry6_oaqyCIxOmqlUUbFNp--07i_GjLdoP8ImZ55Fi1CpPYjIpVqKJqNp12cCbYwFYzCoSJFOcNHrruck8d21mBjyJB13kGjc9P5DQ7EuqC7aj0QU418BKbGoPPUyV-5V1QGtQkqZlR1uVkc-s__qxksck9p7TS1yKfV1bnFz0hKiCAewDTHAdemrVtDEwrLtRzM0CkpUFJGaWBVJU68syV4-LPUzHNQ2MPdkpHi5IwTj9Y9YLGjjA-iknq1NhBhNXD_KD8g_wEQrHZGcyV9Wg6hMtjkWGMCon7uF0OOAaktOeko5Bk3hFBC4pzw5pFiEZtYWyvY0VIYVO2WX8ZC-xaadbGiUaPCfI7rCRQldyKdBRMwRHduf_1QVPcDnncuJ2Eyd1ZXNNVm9Y3YyEK4ZeclQDJg7th5oan3DdK1kiqJR-AwrJbq7lFD0xvFfpCcILWicoDNrlCYGtPWCvxkOV_iKkoV9qwU074mfomx7RuCElxau5Us2ooHOWLAWzjWFFc3THb8PF2cWCCbn2a8xSgq8snMoTAskry3Ek-O2H-585Vsovs9cNErH4W_5cknvL5K4xGCcjcnm2IXdQESx1Th6R2FWVnehIRRfPI6sXZlVQtbxyvjhlZ5iSWovDuI86VWL82LBBLDvdjdx4MSQyJ1JcDvqcQQqtmtljOO8_emXeXorrETwPCzxGfug3kAgG-RYNX1SRHNIbxZPkeF8j2mx7r_0zW--4n4xABQ2pCCpWkIoZbbefhhTGaK_xp5BweWuCHkl2C_ESAmGepwBNUzo5EkgrfeCAMLLec2vhjmM1vLaV9jLYg4ETHF15ZsVWD3BD6b0tsgz1B7K4hTsgqkbLByS31pBgFzUfRe1XCLap9ZRQbtrHMNabxovnguwhCTUa20lRQXbs2BETBvU87BvRMMy8XRdzWSmwGQ7j4eMVGqRzb6myaEg7wI3fLNQt9Nc0iqI6hIqT9D6qV1B-0ZMRvE3TDpLCLzy_B_XerozBpIN0RaGouz9gl8yIIdYtt1AQbyYe0kcL1lQt5LHw5xztzprWue6S0aj2ZOo9B-YZpYQFGcH-i6My4ci647-aucldqBtxa5QFjMJ9OKRHLQ5Xo_FftpgbZoHDT7aDtsRk4KfX7lWhsD0_aS-jnPIRhkBcQXFkLwcKYhHyhmDBloE_8mck1GKDp7HI4prBhFDP-axE1hDHiEoH7UYdjkEEzxGL-53rIkVYp0pkjkDdwDXa7XHMZ67xjF0AAURMLwExLgna7BjJ79HChNjNZ-9tdPZbkLypFpwxWhnvbrQemzKgZJGN2OmCSO9lCjspEUVZwTN3Vfbk8IR6he_uTdyTSnoV3_zHqf_jDMf4I4m9jFg3sc8i11QjL1-dif9Zrbs8KNSTSyBdYkZuU3NiLMvXBGb7cEG-cuZSH94slE_DYow4PezIbNzVtETP5lMRTDhwmcNUvTUnSghRSvqs-o8YpQLft67c_A91g3mJvASWz9xiOthe9H6qul5bN1qoUB2_GNxaEcRjmlgKJ2qTEup_W_Of6MU4jh62POuhHadg6jg24kvYwRYsrFTUwqMtShhoag8HzR-gvz7RwlqU3E2A_Km7ciqCakAl8O8M74uYh02Qyj7yCuACy_3pT-gGfnRIzJCgx1te49yxPsliCbE8zsfCf2gFLzejM6bkFuKT3x9hi38h5ssyE8ZqBILIJpOM5o8OLxTWbBffWbnS75DofIwOqGLNyMZihNekzdPlhHtMA1wf3AXam4mrY8th00DzztTfEWQFGo-r2b9QhHgQ8cJFR1gC7h4tZkIvqwKn6c58m75ORAe3opu-WN0B-KUB-qj_m6xUJeF7L3tTbX2PncXQki2vrYBr2X84JagIWI_ySKdjUaxd0uyvjR_Qh-ptgsN-krMm-uIu0Oe3H2CEISLgZV7-bvZzUwdhLpAxYKvQQ5PjJrV3sDE7SyYsRH5Cne5RZcHtNmMJZqHakR8kl_7ikDT6bPmsNTmkmVcj8VxecgkQvBC_KbVp&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 11:24:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 6B14 8 KB
3 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 11:24:04 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B14 0
0 88ms
87ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWrmkB1W7UcjKDFMrb9yo8BAH548vVudQpplYbaovWigv_27Mup--Pb9jFtBM7XLuei8CAQ4ThRFRg4JbfUKhgHqM8jH0G1hXBhEsT8F41XvVa8ZwdoPcHJSAOkmGpI8umw53ua4aW7BJcwtoHmDlz4TnKlGrpM83PmGxfqt4XVVsrLH4NifIkcaNgLtaOgi8VhKqSrkLY_tuyNgU7NSdLLN3TDbHujwLCaAVNZCB5yIllOAeBgqtrl6B6t8c9YxamPuhCQtAU5tyFFsAjcUuxlx9nPPQnm0cmB4AccYrpmrQNm6jM3emQJNWejBZKcKNSKcL1xQSH1agbQ_Z8WlJwj4GF0FfSzfY56D7gwh66SW8C4YvXcgo5ue6fpPO4MrLNNaDAZakS33ylTsdhnLz_C4htcinr7n4SehDdaTVlzQVDgG9VKRf_7qrK470BHrnBiR24v1CXXBbMR_bNDqaKgL4JQMFFxlE9XrVYczOMnurA6sARoRNdbrVBhYwtoeICsz2q05bpVdr0yDRnqpNA_naA_oQUgYYfaXuOohM4vvUH8DUV7pzUYV7c5j2HGOCsr3TvVnbyT5AWDgMK6hs1AOdTVUTrOVKOGVIJNW8uoLyio2gxv5wapj6RSpsej5IOAZEf3_ls1XxQg9iijCdi3mJnMb4Ez55-RhvPkBY83t1QsBzUTG99k1HaFeh7Nsbec-REEC4MqRyzFfELj4azngnYKZjPks73zGcdJfmxfD0RLB7Gi95CmfhcXUkXUIkOM68F6lW8B1JHCPU6fF_z6vgIQ0Q_YE81XON8JcTCSkFEceg7JSdXDJhPQw4jdFoDV3G14rR35F18zuHFrxAhxk_OnJ2PpnMrqR-zC6iL4fGeRQqof9QYRU3AafBZHM_OqsXSJc3jQio5jtfqWjUrutzobLFpLuPdK7CVEwFJLGBhmkvS95PQieGoHk6R3h0vAB_1BwVpaovgJiKAxj42bSO8WwQnlRJ1ka5qG0gnEaUQc_SakpyoSUo7NrlDfzhxYAWr1k0G1tIvX-asA1BEaf33vTdknyLDbp8b-mejrcqEazfF5PwYXtpLn8Tl__k841wIAOF19bLZ81EqU3J_DXJ6vawLpwK6CoVCrX9kKf5V9XHZF34XVEV9MIK7n1j6HP-PDIy2SprxWKb-skv22IRrl9cpxoC04K8oLPUauH-XXEFAnH9Yzt7XmYZPVeEQHB4SA-RSvGf14MJx6qPR4LhJi-JRefra2VBdioPL4Eam3WZ08bhv9FEsAv_j4-YAMioXKxxwHHFaQKzecgGPWZYnE_ZZtzJ7DiIAQNruICHzHjPCYuuIjrc&sai=AMfl-YRfaUqfbrN8PN-t7dblVjEO4k2fogda-4bDXPTA24BN_5BdZU68qlxRK4o8LYucslA0A2nYBUNrNYzyrpuJPiDBtnjsmPb2JFgi03ATctj1E3YqWmgmOqmADkNEZxTZSGpDJXttql7s5jm_St8lUkCtFNmEh0EeNh5w7hQDizzgr-oGYOO1enyNYdHsGOAZlD7s0978gcu0M5Mq1P-EiJ2B4fkJ5ioghU1d5k1U4S6SFQShYHOEM9SslKKFt9Y7JpvS6Ii8L9oRXg&sig=Cg0ArKJSzCQcS0GkNuZ2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221027.92164&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B14 41 KB
15 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 200 17833668557370009334
s0.2mdn.net/simgad/ Frame 6B14 85 KB
85 KB 127ms
44ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17833668557370009334

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa2dc82324a628f7b1f6e555fc90d3cdc3f8a0cf20e727bfeb967d302b58cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 01:05:26 GMT
x-content-type-options: nosniff
age: 172197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87054
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 14:49:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 01:05:26 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
227 B 29ms
28ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hbw_master_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://buhgalter.com.ua
Date: Mon, 07 Nov 2022 00:55:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame A11D 30 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZNBWmm_INEHrhpmFi6xDtcXkmn-w9FKBmo5Vswka-4PYsCY4z6SzwgoflhyvYt_DUIcecL8bt5Rpl-nBYh8a4cbAiSD-hiNsF7ZIb-CXJHP5Wgn10FtsI8xFhPZlr1nWLHlS1cmYtHzEQdQS_zHslFZPuWcXPhVN2PhvHODAFh-96YEo&cry=1&dbm_d=AKAmf-CGzvFIjcDEDP9IMrzdbVIrpkpoFUquaT1eNdKi8zKlTUs3e2fKJklB9wFqGPCYcUNOm0oUpU5ZNYyDvxmWeSLvO0QXOxycXYHW_6UDe-duMFfi4S1MPaNAFu1bBNNdyODgVNJwRsQ_AiXyQIt0LoNdlA96EstnKpHd0IG0i-iSjleAxP9VihhJff9LcJjKSJ_wfRuKv2dfZ51TqFvVjyLqUpaQAnAbYK41Q70WIfkGGxXI2w_L4ik7RwXUH0pbioKuOuIGRJqksgkO9fxH7guby16OtRzCOwW-HchuGuPqXSluRZMmISo2gxJ2nFVcKxKmCHs7Q47u9b-vzKeHMb1xLNsW9hDVhUai4XrMXNeUKOGFUkERR1iNENZpcaYKyyBzTcCvUVBkTtCLkw0S-Sq1QrvMdR10N94QDvRtJBAlM1GuTSUP1AvFhy85f_l8qCc5X9l7IPRoZPPIdspavH1MttD3fNMs5M8Zr5_-lInmEb9JPKcisSDCanr19svRYfjZ4Hs770iJZ3zMOdozcJuHQsao6SgMmB2ghEbTIz5uvOGJQpRAubIKnlMEkhHBaX4_m2miKQZp3_ftn4Mfc1ARljRBIEPhQJOMICbvzibQsSQmStwd0hCQQV6c9Od2wlhrVAiqZjMeW32mnBQ3JdMeEuYBj6rEuWZ_LxUxVY2Z58r1rWg8jiqT123kY0Ros5xsBuELIb71V-RR9vU-y9fq-2vm_KhJC5zRhjY7-GDkQs5wVAIqVLiEFPizTAiyjgQ4kzcGuUa6S6yYQUmcPeUa6D9NYTySiHBjXkmcUdcbP5Xh9QaIcPmyQ1nZPWScMiPwskSXqKpTeMu0a9RZiWBZ7SCDFIUTD0xM-c4Ur_kC8cU6oaQPMJmknbiLRRogrp7i-7K4Dvck6EPEo7gsZ12GMsdcMPKql9SFa8pKyP-wmFi_GCZt9mBa0ekvj7njosqw6dyxIX012hOvuYNmthe3bjAtvIx68jl8WeIkwj8Sqc4dgfiEyOMlHcKNjz71BvNYhzo-ROdeLlJX6wDduiv-6mX2yMu2yZJhoNFug6aIbSHCQniLj5lm7oxXq1491YNrrJCySzPJZ6th0B41vDcp4b7mikxjNewHeLMZfm4ytp9rV_aiYuqWB8_fC73kRnw0LBdLBVRsIz54FBcBNTVJrgI0B6BV_XLozvCOSodne0usg-ZI_GwNrTxGH6rv97k47WfsrD4DdJD4YdyIlqNTyqup1XAAr4bSYF9b7n8y-KmkGty5nJ2BlJqYxeiRDwjBIr0UNh_iSfroepnhWgP2Ae1aLqcSq0YAlnVd_JXn-8KawouolF5ZrR8gl7enOp9OBvi3NEKLSAjWKSkm9pJsL5nbAjh6JhKFYO5jjak3cjgbt_WH2deEC7bhHZqMZTaOkkDN9UvT0uJ4DipsnarCRj4kU1xK-tucSeLnRQhl8McB94onMrqRJo1EMWufj1juaKCJ3RGh4LpYvvApEuji1KgE6MQP13Q5OxIUssJT5-F-5iRtrxtfdXuCb6F6rE1VKx3cdHLox70LF3ktnz079yt9TCI9QHlxIzMzz8otTcC7o-Dot6Z5Zz0ZGXocfcUR_TS0Us1lvIw16YTWp4isnAXTP6FfTOZpJWrW1rELKOkLaH996e8t7cPQwOiusE7Jkr9ScwXgXrpSTeRLms3eF4A6b5-j2wxF9sA1Qdi7tniZQTVqY2WuWYyPV5r-eNz_cWH_PiS64dv8AG8UpPP1k3UQe2jPryfpNafW1mhvyqYoVr_RKDiCfNPCfHB1iAqFl_izaFcNaGZT7VBhtib5rWFaeI86qmRnqgFfH23ruOn7UNXrwTJOhie_hMg8UlOr_7QFohfck48KmFB__IuFNkUr0FCtpgJUvgbM1vWxZnu0H0e8AUcmy7AO3X3WHlaGWBMK00Ut4Dn04PjIzs5HEhcBOxJmVH4WRXi9ua3KPznIA631Q4PfMokdhLO-AhvZqeRc6LBqptyJnmr8ZuZwdKjHSS9E9tjlXaAs7w6YVA9oy2eMW8DV51wIFqtDI7iu2AjtAfmKNssfIF1hDIZww6lLMGw3ibYkh7mql8wThdaXP64iNkrC9hv9bP9Y8WrdZQ-xwRHCjphMhFYGA9odR2G8rYHwqetuVSzAgPk7tr9l4WiAd4S-BfmbO8Uviq504zIQgXSIIUuUHtfiJKroOm4h0gCsfv8XaSbywYQMcHagmyPKAuDsfu35IJsfC7igEqBG4OSZtMJ6KXem7cWn8hAMWpDj5e-R9jwdNUvI-rsLLLRGowGR7i10Lf9mBYq45zgDGnNucS1QtVvmJcgZyrQYp2DbZM7GXtP7PF-577bP7t77zua8dzXl4OMne-WdKfORiLMKMm0b3qxIJq0rR3SvpTeEilckeC0kWwHWfXcIlAucSZboWJuH6LBQTgVR-EfCPmxv8RD97xGHCqQzXKUGN1V0mTxCCbF2W8IyvprM8I8zF_YrpdyA19eeOMQUyLFslEJEgdSfqxf0RxqAJSI8fcSXHj-msUxOG13oZROmO0A2unp3bw67DEPGtgLZQrCADpytNhOsXFCuVN6rPVdNA4w9FraEwOojKeGvvFwbXZQGjLUHB8g-GrsGiEvbtDI8x3syBM_fEU50BFwMkj93fg-aFfryStNTAEMFK8b1T8Nc0iGuWyBF9hRfGsjuU2djBPbqntHMNJjgzEohuwTVn9eerWzyxbePtO_8xta4eX1N5eES4qo7NJgN_tsDP4IN3iVNKcOqWcwOw_im2rU8tg0KCZSGVyRJquI1UW1b1zhRid27ojhDweHmU0-ukTrVRcdiAsUCggpuh_3-APaV32SX2dNjrrSB-7q5X07mYJP1hQcUtMWl8NdTZnoXz25skQ2q0QHdghXqTPz90dAs4PJsz3T6GTLAAoo-2nu47jBAMdncGawc1LY-AaaYoZLD1uqTb3v_EQpneBCjcqoQn2X7DJXcCIE5PpIZBJZ2w4eU4W5-1V1q3rHpEmiedJ1P7faaMaB6fZBstLKpvPfwrg6QonCAFICEAgAbzn9fFhv1E0qvahNW2vOK7Q07FIxjGQfnBT9Xo-fFCa7dt8yQWHfUQ_A7IQP9vocru8PJIIZQQGfAFrrkoOaUcIPkosdl4foIdA_Su7VLuMTNCc6ZEgTLZ_vm0tQZ1-fwykJR7v_NTBHu9aTXTgVP_CYh7lc-hon2WA4-wLieCCMc721UgSDjpes5ZVk2VORWPNcMNnuGKBdVMAohpaykcDE8QGFjCuu2sJJdnr3OJsYP66ZlYyvn7RUMKlm8aCTidpvTiyhGp10oRwE0fwu6KJ5DB-sciaVbLiQ4j6jwfBoF9PgK3Nku6bsri3Q4V6CbPhLN39tJisN0yPnKcc704rENcPUJJ_PFV2oSqYJJWyr47sbWrT5YgMxgPA5bMLo0IAZSsMk&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 11:24:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A11D 41 KB
15 KB 112ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF3B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Fbgw4_g9rc5S9GbZvMhTwuCAXGFn4u5YpHCK9yHO2cxV_Ot1LFc5oliM5z5g2YZtRNBRgOvgW8a5e1-GrK0cz3fSj6ACw&google_gid=CAESEIQNHaoo4_Mozt9Yp7BKqIs&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPuuoZsGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BU2tKM0ZiZ3c0X2c5cmM1UzlHYlp2TWhUd3VDQVhHRm40dTVZcEhDSzl5SE8yY3hWX090MUxGYzVvbGlNNXo1ZzJZWnRSTkJSZ092Z1c4YTVlMS1Hck...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUEJqTXBRWUE0YjNTTXBDRTBhdDRJVlVHOEduWGJDbzgzVW0wMS1JVFl3OA==&google_push

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUEJqTXBRWUE0YjNTTXBDRTBhdDRJVlVHOEduWGJDbzgzVW0wMS1JVFl3OA==&google_push

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUEJqTXBRWUE0YjNTTXBDRTBhdDRJVlVHOEduWGJDbzgzVW0wMS1JVFl3OA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF3B
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ6RtuR...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZ6RtuR...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDAyNzY1Mjk1NDk1OA%3D%3D&google_push=ASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVj...

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDAyNzY1Mjk1NDk1OA%3D%3D&google_push=ASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVjc6RNj345Mb2PnW8ewk2JhqXoyV6g

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDAyNzY1Mjk1NDk1OA%3D%3D&google_push=ASkJ3FZ6RtuR_biYtchnYXackkyDVUENbBRPTytoCGBLJAbf5xRPBd83BFOivUUvRSTfVjc6RNj345Mb2PnW8ewk2JhqXoyV6g
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 07 Nov 2022 00:55:24 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame FF3B 43 B
356 B 114ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFyce0TS6HFmNpa-HBBfnvo&google_push=ASkJ3FYkvxlw3MGPzRw521tqtIytm4aD6fIqbkWfZVkvxMzM9udJaknss_UmNbE_v1F9lstumrn21gCPAnkMnMGhpuAE8y6zQUI&google_cver=1
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame FF3B 43 B
351 B 116ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA_5HFz4Tdahldbwo4hdca8&google_cver=1&google_push=ASkJ3FYVcHsxDKG2BiDL7ZvCZAxDT4P6yzoJzYbCXuvwJMW3R8XW9XDnU53q5sBNvy9KX-6GIk5kLTzXL4dyBeRPGFBZRs5NxLg
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vvljktpne6tckbak86pdao4sna1rnok0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF3B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbL9EzZiKKJl2fzoLYqimhl43vlBB_VUmM_V0JuJFkVhG0loYWdObyl8tkpzAxj7XJyaNm10I39wqfmMN906Q9_pS_5Mg0

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbL9EzZiKKJl2fzoLYqimhl43vlBB_VUmM_V0JuJFkVhG0loYWdObyl8tkpzAxj7XJyaNm10I39wqfmMN906Q9_pS_5Mg0
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame FF3B 43 B
296 B 345ms
42ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKz3eylu0CGDBa5zbBpfDZc&google_cver=1&google_push=ASkJ3FbrVhuj0NXax4gurJ_36XgrepbkUcNcXF5TUA1Y5fCUIfY9sXP37douHuq0AAwWSG-YOW75hUE9g3ESPIdA5Xep-G7nl0I
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame FF3B 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FF3B 0
59 B 106ms
88ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITAWZ7cY2nQu31gW2wi7J6QHsYUft-nitHeTcrlFJKMuFgQBT0ZT-3a7a9muaKacQnOorIDw

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8CE1 170 KB
59 KB 130ms
45ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Origin: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 8CE1 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlTO3a7MK1FbWR5KUbOXfE9oQl0nwaeVA-WoGcWX7ggNh0_jqMtQ18Gqx_Ru3wGUp7C3Vq18pTgUo-tg9T0i61W5a-xyNddK0ZL8PhAKxjhh6TH1VBpFpX9YX7o61B7XjwN2hBOkTM23DGFMzmfEEmHADmuVsDhvjqDBTxY2YI0lg5irc&dbm_d=AKAmf-AHm7AEMb4Vv0ZengD8zmY8_ElbjmCAfcg4b0RfXJoAfvBuFxzJu1nV_7rM0FaOAwAQ_S0SIUnytLFbtLt75FvlQE3W98aRyNmKhqLmlytxc90CY7hkZiUbOpgV-OagX59lAtwro8x-dUt08giRnZWMYJbiuQYZ7Mh0goLWhVB6a8cVMuYsREcyYOdN5bRYNewxnwCqZH6xfAK30PjG2QCO1eytfTshsxBHjh3p28v-6wE5h6E7A2l0eXZe6SAcVGgyg4bSKuoaR05jelIokYM9uCuoMjdhWvIh-Ti2QDHFB9Y6R6bK77ULjoTKkTXKp4R_8nMHSsHAz9AwF6IIzN-PcN2FqZhVjaS_SdflymWekMBHo3YMBUAvABOUgARVWQhIA-90OV70w-TFElIqDVZxHTVfkNuPlmRup1Ztbn6caQnqcUtBBOS6MXwosmptgIskL8juGjv2yGPhEb7U92D9KUXboY1q1hyBoy_6TD6pSyU8ZvFSVSuQ5PTv1tWb3jQRkGcZNGwQieplEmq1HNlrpJIVHiBpt8Tm9iHIUUE6I-T1H_jTqRwc8tMZvqtxgF14FCVJjOw3FK3N6eCrId08vUD-LKrIHac1_BOStBhdbTGEHhr2M8RZjJXJ3vHXfW__klz_zswI9OtnPDG4O2PQIEq1oUXmn4oDwLHPLjvhTC0XDhO1jAEm_DbHzdeY267djiR8g35wzjnmqsEznKlrtzOSD4vYuX7Pjz81e75PmapAHFCiPcnAhZcmTWrDd72UPgRQ0g-kZ4-GqcD1OeF6uPSkerehJng0tjruYe6avkH1kBI99Aelsr0EhXfMV_-krV4hdeyn0cfACD2pudR6oVo0W2VILOKILZ0oE9TljsaVwgnxq5MSt8Jll4TYIpi4Vbop-uW2LOCWDTK8kRtIN0-fjnshfhsXgB1euhVuxjmLfhY1eoWHxL19MAORJ_pkrGL_Lez3rMsoD7Tho64KDB5m5vfXhJntnTuo36-zGlWDbMUyOOjRGJQSOOXZLsQ8gCIi4RIhQqoZCNWfUBPVvfBtx4aaqGL7lefi93KwvimbBN9xX5k7QJdDt5dsAwTjFKvNoGbdOOytNBP5q8DjI2iKUpJcVC57dRJ3QusU2z_KEyiFYJHLiar6Lp1t8D9m6fhPQhO6dwFHTMDwNneKYrMeKAlbp8yPe52rmBRHEEg4Obs7EYvFBnzf7epHOxYwWiloYX1epyPMsy4Pf73UkUsq8mm1omc5wb-AUpsOw8IjsYxd_5i3FWIy6rf4rKc3XjRnNY0TuQeMusHyeFciqNvN0UVM-YIuvLIasyhwN1UuxASaIm6BNgmMvxJj_8RE_l1ePY9vKaZayPtpHIC0AdtJ415I1y4xAfGZ4TDfWVbEiJVRAiPdq18beNL4H5glqyKaGuQ0T7NdOpTFzC5t6QtxemlisOQycrDct6dz1kyiGZ5531Dl2uX-WZgSy7uDpUeA0_aa4I5w2J67pWRGTUyVhr9H-FoWMTx6zvChIuKUYBjm1C7Z1ieAkMNmTFJ83vMk03yjmYBFoEyF88QT0xeUz5csradk14-iZbEqBYSEGRXOqAvaKOfMSDTChkjtuz8NIpMQ7ex6Owq-6UeRtnK8S0Uz5uoOt9bQfkVlv48-9kNVpAD6XgZ90iQl8haS5bY-lvxpm7PJ9evmJyWdfRKMSAje5zb_F21W2uQkbkVctEmKMZ-AqpVLBuKGImGFxI3iZ3th0PZNhDNqh2CMvY8EkPmhWD9qCMb6fgNBWF5_ZpPQUps9Ln1ss0Y3ltdhFu1xFyFk6f1ZAf--dYn7tbr0sd5Nkmf2zG2sMXHqZFPMnUflL4CAKOftokHh6XYP62Mpdxg0PhBrIRwK2vTmOApGRi_6sPxB_RTMkUn2nuz_W5Bj51H-51fE-lnU8b6bNGKNCRhtr0vl-jPR5aCil3vNRCVoL4svUgMg91c6OsK6hf0Q0whdNqPPZL_Ry1JVpqjV4r2Bh5COOSBL0Ycf0IvLJSMQrEJ4HTPIJ-El7Ayp1YZPo4KuHsVoNcJJA0o8UYTnZcJi2y4o1ScSzHhO7GEePQVrpfMdBVq9cCdFikZnO-0HVXBl-dtxxiXIgAXeKup5WVKpAdDQjUKRfZ2PP0fBdavfeir3W3W8M0gR6ncydDSvN6wFrguTHdcSWAXONNQXNNWpUII_ItLocxYleFcE30mmtIfP6Red7WQURvS8rj1ez_OVnB0KNHhLm1zKvShcQ6eh2-eeS3949snlkeh4xoOTvd-y3diOybXXATlf86hNugzZHboUGdPYkin6TijDDjD69Hjagb4Kg0ZH_NokQcXNToY1F49JZ6C4aOb0hME4G3X4MG4I7st6wfQK87ZHMI3Yzy_1S6SXEF2GJimw1Zmzl0qXjo7cjg3chzLNC2zVN89EqcyAsLS2_MjAxMOKyLBjmcC06EfjUBUs38unXgdNYxeUztj7CjmL_c3xegZIcvvjx3hKNeKOL78KPTUli5kAKBh6oNCZCx6k5ZrynaSeK9TVBxjj8Dj7OyT4DOI52jkRc6VVj1ieBPCzlJ-Mm0sBDnYVObXlE_ltXSASiC9tgBAAWpNAZlI9hb60jUNUH1F0eQ3Q6GN1GbOe7aUbftFmw_DWFP447JyE3kIBmJqDNwBgRK-MRF7IQ6nRh3NQK_aXaik5qdVipzBAA9p4oIB2qouK97GahQWmtvE1LzzE1wNUKgejw4vPOSEbf6jqfV7G4BH4yvPUfjE70usVY-FjUIZ_6jCADjaBi6PZF7Zi5LWH0ryMUQNWUDvhhtznPz7Ay2LmbwvPXlpDrladNARlL23IpsPGy5pwt041TIWFYa9k6vvGjK5URE1gp5UrNq0e6PRiIJei0--EU7MxxWpmRlNaBQ4vQjV2pbRXhHox8mq006gLFvg9KKSSxB3_UJCjiyU6V22ung7fw1KCGuVEk00uZQsBAPXZU3nN0PiV0ednyvVN25pk2mokSTiOuICr32FTBbb7rUZN7fWNm9cO2fKNvxURQgv2P0dl-a9h3hfMjf1zhVXZBW0nBBpBy4CZ_Fu7ZqYzpGmdfgfXN10lrBzXlDLItfZ_7Ij9zO0hF2EUc63LVLfdMN8Jeo7VSqpLoa4qv-KzReqvvH3d9maM3Px7ktgpZFR_uUkoXIv_2G9KGSqGOuBRYfKfND6a0mXV9LRkTd7IpeS8KbI1KzpKu0FDTnPxKF9PE-kTDgPaWtKy4Ylk8K9wFIPpK1LEfiwd6A7NyRvhA6ncrhb7anh0g_ZK7ETSKDhO2nYVYM2SLMpsOBnmLjg8CbM1fzA85cxqFuZ2_1ct62CdwevI2wEGyqhSZLkKwz757b3to2Sqkd9Eb4aLT16USgs9p1Q4b8CJQJLAVXU07PKII8_-qRnPK6QMGj-qhVHsxspR0bIs4D21TEQncwpvkyqH5CTyG2LAwE9QB8_SM2u2dZJRUvZoMIYUqfxmXHH072_PnWiZ78sKYmtA8m7LuB2yx4eEJh9rFP0OWhrAVg0ES3E0F3xnGKFEv0sTxsTg9v0u4cDVa4NelhkbUviKGO1ztT2s_B6Aov2aoQ6E6Gu_MpWaiS8Z0dVaDWIdFe2pr2wH0JmMOI79ZzxNi6NcdhaDvdREGFTIz7Y-qprY93qpJyBZDvkqQvvFwDDkJh4uP7KON0czqFz_Tp0Jp3IMvaGIVlAb6Mz0l2SAqr1-mN6TCRcWjrJCS5m-7nglAil-1i_E_gc4kxk-pz0NRm8RLeWpGER62AzP0vmyhnEB5NytjVdxEOXnkCKReB7sysO0_s0DxKrTN8Wr9dh72TnyFDsW8tg&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&rfl=2%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2990
x-xss-protection: 0
server: cafe
etag: 2274832811029412562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 11:24:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 8CE1 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 11:24:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 85F0 1 KB
643 B 41ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 07 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B14 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ec2546ee47d60d8ef7dffdb2ee2b3a7782dd8d13e497474f2d181e5234109f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CE1 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H2 200 main.19.8.359.js Show response
static.adsafeprotected.com/ Frame 8CE1 196 KB
61 KB 152ms
46ms Script
application/javascript 2600:9000:214f:be00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.359.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15566740965&pubId=1&placementId=396800763&adsafe_par&bundleId=&dealId=&bidurl=https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id: C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding: gzip
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 976012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Oct 2022 15:25:21 GMT
server: AmazonS3
etag: W/"f74cf064aebe76070098bdc393232df8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GspX307HQl-kJyRsOeKkiQm3KRf9n0DsOBho1ExrkcyEq3WCHFo62A==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F9E 1 KB
643 B 43ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 07 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8CE1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06733a03fb7cb0388b93a06b06d4618cfcf471d73d2074b6053fe7e6f0d2f5c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ebHtml5Banner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ Frame A11D 308 KB
83 KB 212ms
45ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC-41veldoY8qcEYiQjuwP272P0AuL_NSBaO-ImqvED7Ox9P0IEAEgjOWgH2C7hoCA0ArIAQmoAwGqBJYCT9A2Y9cZM8ah2pqnmkQxT4KBi9o3cfB31OBTrM8THLooZPOo6ZT-x540WjvMxGXA8LkAbRJuXwg2R4zm7ws8AeATQcTAmvwPjEEh8uwp52DziG_q-D2J3HE8TWa5hKdLRrej7lx12dbCfU2k_mOTyjKjEvyzjTCt6umJeGiklIxso1vdGzqrgbAnyb4QRNkhWNtG5heXRhHWIiUatLebIdRorfRzQ166JYdaYoEZiWOYQ3-rdM9FYaDUcvbTzQhDaaNUqT8CxHW2PI1y2FaRXNf4ktDBXzR6IM-W5v8ATWjaAYgmcnlXj8oNKJnl9RxcZ7nO1byQzyFuVTpPIoQW3Ls8EO_ZX6FRhDEcoey6AraAGqFh1xjABLrrpffbA-AEA5AGAaAGTYAHvO762gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE_jZixHYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4%26sig%3DAOD64_29JM8uOrE1I_odwADgsR6EqXnDSw%26client%3Dca-pub-8618771545316321%26dbm_c%3DAKAmf-AqQkDtm_lUhHQrSY5YFf7AjHWFfZQ2TkKMQV86hL_EywVVs7bGkZLY1BTw9i9zDgSV9IW745BJOGkO06eP6VGbBiSeZaynDbfgGTKJF402px35ShBhH5qTd-K8Bayd3FYHuXzISPdt7KYlDfQRZHDeBB7OPGf8AQz6_OGGJ7WJg6iYs7E%26cry%3D1%26dbm_d%3DAKAmf-DQJ50D-NbCaZkTS9JoALikMxVH6cd9FPvNX-oXI1KEkH3VJrT65jDOgnib1Jr_ba3EH2SstmN3UP8Um_UmI9eilP22yroNcJZv6b-UGAjt0hJwCwI40psCgInuFdoUDJwxG1gIitCrfzyhsHkIrxL9tIrCxZkszDX88XoYgmkoNFZrBUdRlWthfwfPJX1GNNZGyT9Rcr5Z8A7iUllmRYqLHMZ3GPLdSwh30XAnfibsWaWze9GnYRQirTkCbLZj_mxoX8JjbI3hZSVBdKBZaOxRLyxbMiTBN_4jzJz3AfWKlgcscYgdl_aejh2zk7DvO0mlnobtMV4b_GLJxoJXgyUq9FolZmhkm5h7dJ8McAWks2kxQEBoBTOzY8K2ZCRgVgIAsJyMHEgvZZN9arZ6lok4oHD1FotCnC4YWebw2QORC433srvIxDDAzTAroB0B7UbQhgb8-i6VsrXKkSKBIH-s67NMHI03Q0qgmb9J2Q4B9pquqgmTqtqOK5Z8DR_PtfKT_WRI1cj8dsPl5kAfGjLQOpAYRAL_aPboBcRStKHM0bUWNIs%26adurl%3D$$&c=28&cn=display&pli=1077774931&gdpr=&gdpr_consent=&w=728&h=90&ord=[timestamp]&pcp=$$ABAjH0h5tAxJIIwn1PcneQDarCKR$$&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7e3f345722360a6c96af7d8f35e144da276dc894163a02d9b04031460b48c683

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"266452d7263950a086489d15b8e3deb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1512248
accept-ranges: bytes
x-amz-cf-id: rr1WMfMZc507Eja8kt0E2AX-aiQAI6ybncDTF9xRg1vPYDXB_mkPWg==
content-length: 84502

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 112B 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 07 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A11D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06bdd96bd20cf276fc8b35c8225617f5b09ba312b23cfe638179ceee57852390

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38EA 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 221480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 14D9 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 221480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B14 0
0 163ms
78ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWrmkB1W7UcjKDFMrb9yo8BAH548vVudQpplYbaovWigv_27Mup--Pb9jFtBM7XLuei8CAQ4ThRFRg4JbfUKhgHqM8jH0G1hXBhEsT8F41XvVa8ZwdoPcHJSAOkmGpI8umw53ua4aW7BJcwtoHmDlz4TnKlGrpM83PmGxfqt4XVVsrLH4NifIkcaNgLtaOgi8VhKqSrkLY_tuyNgU7NSdLLN3TDbHujwLCaAVNZCB5yIllOAeBgqtrl6B6t8c9YxamPuhCQtAU5tyFFsAjcUuxlx9nPPQnm0cmB4AccYrpmrQNm6jM3emQJNWejBZKcKNSKcL1xQSH1agbQ_Z8WlJwj4GF0FfSzfY56D7gwh66SW8C4YvXcgo5ue6fpPO4MrLNNaDAZakS33ylTsdhnLz_C4htcinr7n4SehDdaTVlzQVDgG9VKRf_7qrK470BHrnBiR24v1CXXBbMR_bNDqaKgL4JQMFFxlE9XrVYczOMnurA6sARoRNdbrVBhYwtoeICsz2q05bpVdr0yDRnqpNA_naA_oQUgYYfaXuOohM4vvUH8DUV7pzUYV7c5j2HGOCsr3TvVnbyT5AWDgMK6hs1AOdTVUTrOVKOGVIJNW8uoLyio2gxv5wapj6RSpsej5IOAZEf3_ls1XxQg9iijCdi3mJnMb4Ez55-RhvPkBY83t1QsBzUTG99k1HaFeh7Nsbec-REEC4MqRyzFfELj4azngnYKZjPks73zGcdJfmxfD0RLB7Gi95CmfhcXUkXUIkOM68F6lW8B1JHCPU6fF_z6vgIQ0Q_YE81XON8JcTCSkFEceg7JSdXDJhPQw4jdFoDV3G14rR35F18zuHFrxAhxk_OnJ2PpnMrqR-zC6iL4fGeRQqof9QYRU3AafBZHM_OqsXSJc3jQio5jtfqWjUrutzobLFpLuPdK7CVEwFJLGBhmkvS95PQieGoHk6R3h0vAB_1BwVpaovgJiKAxj42bSO8WwQnlRJ1ka5qG0gnEaUQc_SakpyoSUo7NrlDfzhxYAWr1k0G1tIvX-asA1BEaf33vTdknyLDbp8b-mejrcqEazfF5PwYXtpLn8Tl__k841wIAOF19bLZ81EqU3J_DXJ6vawLpwK6CoVCrX9kKf5V9XHZF34XVEV9MIK7n1j6HP-PDIy2SprxWKb-skv22IRrl9cpxoC04K8oLPUauH-XXEFAnH9Yzt7XmYZPVeEQHB4SA-RSvGf14MJx6qPR4LhJi-JRefra2VBdioPL4Eam3WZ08bhv9FEsAv_j4-YAMioXKxxwHHFaQKzecgGPWZYnE_ZZtzJ7DiIAQNruICHzHjPCYuuIjrc&sai=AMfl-YRfaUqfbrN8PN-t7dblVjEO4k2fogda-4bDXPTA24BN_5BdZU68qlxRK4o8LYucslA0A2nYBUNrNYzyrpuJPiDBtnjsmPb2JFgi03ATctj1E3YqWmgmOqmADkNEZxTZSGpDJXttql7s5jm_St8lUkCtFNmEh0EeNh5w7hQDizzgr-oGYOO1enyNYdHsGOAZlD7s0978gcu0M5Mq1P-EiJ2B4fkJ5ioghU1d5k1U4S6SFQShYHOEM9SslKKFt9Y7JpvS6Ii8L9oRXg&sig=Cg0ArKJSzCQcS0GkNuZ2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=232&dett=2&cstd=0&cisv=r20221027.92164&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 85F0 35 B
463 B 127ms
42ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHShO92dUiO911_dcSQvySg&google_cver=1&google_push=ASkJ3FYJn241nzLvBQqtnWZfmT0bTnM7TNXwbafymcj4SYg9Dtz1f9sJynv5NOdeLhkNJMW-gn3gLLoVvHNcZ4fdsImxKFuWZOTQ

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F0
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FaAPebr...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FaAPebr...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDA2Nzk1ODA0NjUwNw%3D%3D&google_push=ASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1u...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDA2Nzk1ODA0NjUwNw%3D%3D&google_push=ASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1uhe7msdmyh4HGof9cHbRTOdiHYngyXY

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDcwMDU1MjQwMDA2Nzk1ODA0NjUwNw%3D%3D&google_push=ASkJ3FaAPebrEt0zoVYeOu-efJHVo39nHx1KoFGR4YZqtePfw4QyXfHK7MTk2O30GjXB1uhe7msdmyh4HGof9cHbRTOdiHYngyXY
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 07 Nov 2022 00:55:24 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 85F0 43 B
64 B 67ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA_5HFz4Tdahldbwo4hdca8&google_cver=1&google_push=ASkJ3FaoVAohHF1-MI07AF8gIIT1OG80ue5KEyo5t05Crvu-vyjqQSbMngs7zqQIElmMUN3TiMTC85o4Se-YIyrBEb5bHJWR_2k1
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7jd45lfl54f1usts0g759gcejr216e96

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbyI0GQprmwa3zLcmPmKrvGM3MLFkEJBQ07noyfVjs8dhjZksH-cHnIfpUevGU0piE-e7Bye4McSHqjcL3gMbIwUVearLJx

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbyI0GQprmwa3zLcmPmKrvGM3MLFkEJBQ07noyfVjs8dhjZksH-cHnIfpUevGU0piE-e7Bye4McSHqjcL3gMbIwUVearLJx
date: Mon, 07 Nov 2022 00:55:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9H...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9HAGb4UJAEs3FGZbrBFaks_G54f

170 B
188 B

51ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9HAGb4UJAEs3FGZbrBFaks_G54f

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbxzqHK5jx7pqhwDO1CfgBXKJcpNwwzkHBLPdZwpDAjhw2w1mPshOKD0TGklDJ4DnwgV9HAGb4UJAEs3FGZbrBFaks_G54f
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FanhAe4yzgloDbbfpPrbpJJ2x6KNNPs9...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FanhAe4yzgloDbbfpPrbpJJ2x6KNNPs9w7Pgzuqci6yZf_I3TWaL5UAA9XTjVaq2P0xqiksHx3zgcyMrSQnTy2p-zISMUE

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8Lqhzo1wd4uK26veAuFoX86U4gABwbA9Jbtk%2BsyG6kFrfzxnriGbB3CdBz%2BHmvbZ9x8zmlI1tputsZKpgx9dC2WGKu8U1gcAq0grs%2FpWLg%2Fz19BKWDqDekzF0%2FR0Ngd3O0wlFjrEIgmCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FanhAe4yzgloDbbfpPrbpJJ2x6KNNPs9w7Pgzuqci6yZf_I3TWaL5UAA9XTjVaq2P0xqiksHx3zgcyMrSQnTy2p-zISMUE
cache-control: no-cache
cf-ray: 76621a643a40d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 85F0 43 B
295 B 124ms
43ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKz3eylu0CGDBa5zbBpfDZc&google_cver=1&google_push=ASkJ3FYgz2vLP44uBNccSm7akHAEwpRledpwHdy8Sv84gGFBP3qxr_v_GCBqFi265pCnmnqIUwVoS5u9d8oEGk6DDk5szh0QczTQ
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 85F0 0
12 B 50ms
49ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOh2DJNbs8aAYhgSYLPbbb45X9iv0Njneto3oiWRb4MnbRIKqk2_0A_O5oYi3PQz2KpBkI

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F938 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 221480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8F9E 35 B
463 B 118ms
43ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHShO92dUiO911_dcSQvySg&google_cver=1&google_push=ASkJ3Fb0eBcNKjr-5vkU8B1ihjwdUKdU1MdDRb35Ync7TmwvNtLU_YSkJji1Y-6e84wTEQlD1txzaq-19jXDnYdv1Hg9rkUovX9V

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F9E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGp_M3Lza0dj8Vmg8prebxI&google_cver=1&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p&google_hm=Q0FFU0VHcF9NM0x6YTBka...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p&google_hm=Q0FFU0VHcF9NM0x6YTBkajhWbWc4cHJlYnhJ

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:22 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Faby5U3yJ6E4l1UqtYag99gnqnLps6eSBJiYyoFjKc3HiQLq7xNK5GQt6mlNTQI1mVSQNs1J6g2OZTpMgFP3A5K1bMQg60p&google_hm=Q0FFU0VHcF9NM0x6YTBkajhWbWc4cHJlYnhJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 8F9E 43 B
61 B 73ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFyce0TS6HFmNpa-HBBfnvo&google_push=ASkJ3FalK4Z1Z_xFpXUJRna6BEpu9YBgtmwMMkF9soJxkx2JvDvApgbip3BQzHpZ6m8ILqV9aCa6DCVI2FwAPPlT5o1xocO1cCs1&google_cver=1
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8F9E 43 B
64 B 57ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA_5HFz4Tdahldbwo4hdca8&google_cver=1&google_push=ASkJ3FYLRhX2QkrFooP5ygRi7ueseGWqo374JEEicYF1KOzP3iMWohutAyFWO1P-3mMo-1d43uPATPBSJMSQi5w5Dg3dXX70pl0
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jek37d86n9oq614nsra79qe8n9viaadg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F9E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4CVjg7Mi8vBfDmOejQQkP1e9a8H5ZaARmxq19X4fJyewtYAjYlkTUZAizNfWizVcfej5_B9CGtuOPd_E2fBKdo-8RhYZc

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4CVjg7Mi8vBfDmOejQQkP1e9a8H5ZaARmxq19X4fJyewtYAjYlkTUZAizNfWizVcfej5_B9CGtuOPd_E2fBKdo-8RhYZc
date: Mon, 07 Nov 2022 00:55:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F9E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXHO3rQogdKE8lQVOdIAb758L6Ac

170 B
188 B

51ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXHO3rQogdKE8lQVOdIAb758L6Ac

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FbHdkvxp3iuT55hLpTAKIqC6Hu3RDsiXy3pqrA3v4iyQYohwAqYCRkTJd4yoDiVsPukvXHO3rQogdKE8lQVOdIAb758L6Ac
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F9E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FayZbtUXbMmlHDgRxPA7wyQG9zhhSE18...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FayZbtUXbMmlHDgRxPA7wyQG9zhhSE18kN_B5J44nTui41L5U5wVNITkq6z1LKxAwt8FZGblGNdjlbww3zKHK5odD6l3ac9

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTim9FexrXcjC7iIhK%2B11qZHTXWS%2B12QvbiHisQFWs5NghmloFypfvQXp5XKAUNp54AUQ%2FKMxL%2FVt5lOigr6RgZviyPGsiFI8tCHVjWLhzWLz%2FOcHlh8SxGJ1V8Pi4hLQPvGt%2FjToi%2FqzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FayZbtUXbMmlHDgRxPA7wyQG9zhhSE18kN_B5J44nTui41L5U5wVNITkq6z1LKxAwt8FZGblGNdjlbww3zKHK5odD6l3ac9
cache-control: no-cache
cf-ray: 76621a643a41d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F9E 0
12 B 48ms
48ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJA9f2MNJ6wL9ScuBuN6F-Hj3S9yVzHm2wV3ixifGuUffD-7SEJwvztVPRpjqCP0gL8bgK

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 45DE 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:06:40 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10309684648181567772/ Frame 2F87 1 KB
614 B 50ms
49ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4829d73b745a93b32e1968c6b61b82032df9ba4a68c0f9c1c6a1ef22fbf5950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 586
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:23 GMT
expires: Tue, 07 Nov 2023 00:55:23 GMT
last-modified: Tue, 24 May 2022 09:48:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CE1 0
0 137ms
89ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUQUZaLNzpQ0xSfEFYYnf04vH_7YWFQyAkrImsFvA0Dfj4rTKOXDbl4rGxQZgMeF9sdoRpOy-QYMbu0KrysAeI_I606tvYgP0-yOTytV6hmuvbh43CkMUQxJKRwdolJdzPq7os4c7kOIKioqPFqjRRxEzSU8s3fb-bVouSLkCDmt0bpsd0z3_3I7u1mxP5uzstZ5xeQ8M-BQY-tYlMr1apJV2Ern0O0vGWGAVhPCsNrXKny6hAwWOVtKhfESntiziOt80rBDawI6pMFPVOXFsCnp74btWgNGidBjHBjzMdtlBiyc9u00SpBsbGa_3LHDuUxOOxOJLFWBCjbHugWU8glnESeuKcRSAbmz84IeRaKXobUbtEhXgIBCCabf78qRU6fpKT9UQFVQTypqLvHX_M1QTcJeijg98d40x5YEC3rKpZiyqkVddoZU6Q9vagtEEDbvvab6tSAogtbMZzHg7CDjuS0jtbuSiME_OiqCS3SN-wgrGZFrObCx36kgGCy1PxBjQAacNcCeYu9Qf0krUzJ0yK3Idb1UNi4bgUyQq7ppcHiMrf5utz7mcM4xD_ATY51L6-mCff6fGYvS5lKDVRdhDuj1yMB3EoNnPOY-OeJVdlUI4fChLB4T_5IesvhnvVmswKrIoaaVspLUP1fBQVQha77IPi4DofU8V4sD_1-RapVwtxB67mM7_vjwrliAJysrIqd8vrpZ1fsXf3VHCj9Uc6M-TZFmAoH7hBLUYjGN_BN7vhLJFHuZeXWrIUuoS4aFMwt2pBvqZt_I_OhO1qFuKeA5I37goFFvBHWEWJ2yD8XrmxtMg3dBI_B4B_D3NoMidzjovWmmdVFdKaZkhXlbBI9FTW0kP39ljkkZ5NmOBsipSjxKyqH_sRtE59suy7TPIzhXtmgwewgXcnoEvXTq6N7QQfu8F0AxRTlkSrpdePBDIAUGYEJZraGB-_ceXi8EEd8RgXSRS-Vr4-cYObgToqBbe0682_xIIxu4Bhp36AgtBQoC-sNLUBwgcFJguc2JuM9uKaqOgXF_qJvOXfxmuCoq_3EF2mVLRfYHkTzQfGMu1se41Pg8bDRoM5uhEc9KFJPr4sNk8nAv2H7vHskbs8gHzVhD7Kn7a9XJeJ6TbqOl6TMGnVfDV8whsI6OkWl4s-r-RYY1aVhUMGYVpxEXh0ywnsMBoN1gwI3iK2bbjht-8s3JkeNlX9qgatpzkClMn3rPBj0CUnXJORqpwrkV7Lxk3BZT7At0_XB99kUHHSHcO0qFsCPR6qv15je_kdq0Qas_Wt6Ydtk6FjNMxzs61-E74VajXseAoBEFyWpAV2UmcAk8C5CksJ&sai=AMfl-YSNiNH3RR90-YclqbbBFVhf8igHImXGKtzyK9Ne_Gt083eHfHzHV0wtKawLgnx1qPIWJFHucK-8FUqHGOMqrOB9Jh69vNUs1mkC6jSEMpMhAX8CCCtYskcaJlUYJdTcJxxJulCL-StFVln8rAGjKos4p-aJk_PtUCe3n23F2Mb9887UJS0xDeuC-WCdAK-m46t1jRnsas0UhgR6_4rD2ZB6gSFur4Pzif-KKtI_KzW8poxnXoIoRUFF6avlWiFpBHObXnA7pPYhUA&sig=Cg0ArKJSzK4lQbHFbxC-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=216&cisv=r20221027.48947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8CE1 60 B
60 B 186ms
47ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_uk&extLi=26911478&extCr=162813187&extPm=322789593&gdpr_consent=&gdpr=

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 07 Nov 2022 12:55:23 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1630
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 112B 35 B
464 B 92ms
42ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHShO92dUiO911_dcSQvySg&google_cver=1&google_push=ASkJ3FYDhcboKxC6WwbPYYJTbFXHrYFgcy8tW-y_IoWqs6OsrW4YwrtRpjSU25O08o2XdfwdE9SJW0IVTT31cSvqiHMsPeCeoub0

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 112B 42 B
60 B 41ms
38ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FYzhkzcSMdLHADsO7-tCS6-I-qKOA1q9Ks--77kxXRUMIlqWjeXahsXQAv0FwSec_Grv6h501G-yV9-rjBgNWaO86HzVgU-&google_gid=CAESEIQNHaoo4_Mozt9Yp7BKqIs&google_cver=1
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 112B 43 B
64 B 37ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA_5HFz4Tdahldbwo4hdca8&google_cver=1&google_push=ASkJ3FY6pRD0U7jRX1F-6SFpNptXweSP-9nncuchxXJf5DXJLNpJK5vdtvocl7lSKKiGv94W_64fWLTcs0pxS4vP8x-Bm3ttFlCi
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p97ppv8dkf5g3r4vh79i211bkcbd1ijb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 112B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaF6nE8fIK3Hp8K_BTQ30O8TCaSYrcERlwoqvs3FQjEPXeBjtnYdVaMbRSFaLIOzIpK8UPPuhMywJirRGbDKR3jpWBYOupU

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaF6nE8fIK3Hp8K_BTQ30O8TCaSYrcERlwoqvs3FQjEPXeBjtnYdVaMbRSFaLIOzIpK8UPPuhMywJirRGbDKR3jpWBYOupU
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 112B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfnWbtmdkDTFLLunvymKJ8&google_cver=1&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZXACf1ZS355YZG5-RSRjrbq78

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZXACf1ZS355YZG5-RSRjrbq78

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE2Mk5ITzMtMjQtSU9MMQ==&google_push=ASkJ3FYcTVfUKMt5rXqegkde29Gn1t-6GltvgxjsS_MG1q8LKusrqwh1TyuH58rcFscmr-fGRGZXACf1ZS355YZG5-RSRjrbq78
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 112B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FYhZJGXbRu4ndgz0eL15vjLcNdoJkCIn...

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FYhZJGXbRu4ndgz0eL15vjLcNdoJkCIn5_W5hPyW2igbEu_QpD22vNVyHd_u3rO9UZpecM-N05fdFpw-2GKxMErDLPIDyA

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ym4FloC%2FldwNyTFmLeSEP4uzieeQMfaAvPd60yI8cKW%2FHXeH4MnmvkN8EKxRW1Iuag8vLKldjLz56GzgHtOuTQ2cXs01PRE4d%2FTiijpYh%2BWqAxhPzZY8metc%2B9APniUwmWMvTD9wzE8lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&google_nid=index&google_push=ASkJ3FYhZJGXbRu4ndgz0eL15vjLcNdoJkCIn5_W5hPyW2igbEu_QpD22vNVyHd_u3rO9UZpecM-N05fdFpw-2GKxMErDLPIDyA
cache-control: no-cache
cf-ray: 76621a643a42d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 112B 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 112B 0
12 B 50ms
48ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kcpf6yjW3NRUDvAmjfd3NIz8AIulbeCBZJk2q8J_nSUoRnWYI3n5rHVzlE0Ugp2Tdq3NAGTA

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 38EA 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:06:40 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 14D9 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:06:40 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame F938 36 KB
16 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:06:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2F87 118 KB
40 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 11:10:17 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F87 64 KB
16 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F87 112 KB
38 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 en_GB_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 2F87 88 KB
27 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28008
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 01:07:46 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 081B 91 KB
23 KB 45ms
44ms Script
application/javascript 2600:9000:214f:be00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 4007947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: HomjQNxorcBfQUaSAbO3LIDO7p60i7enpCktJTtgwl1C2LlDQ6wXag==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 8CE1 43 B
216 B 43ms
42ms Image
image/gif 52.17.139.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818610713&campId=15566740965&pubId=1&placementId=396800763&adsafe_par&bundleId=&dealId=&bidurl=https://buhgalter.com.ua/&adsafe_url=https%3A%2F%2Fbuhgalter.com.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fb421d36273e048925721661df0521728.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb421d36273e048925721661df0521728.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:5f939bef-5c5a-19c1-9c13-cc65f0a1763d,c:teQSyl,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-78db84bb8c-8mlhz,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:259,mot:0,app:0,maw:0,fm:tmstvg0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C191%7C192%7C1931%7C1a11%7C1a12%7C1a131%7C1b1*.925113%7C1b11%7C1b12%7C1b13%7C1b14,idMap:1b1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:278,oid:dc0a4a14-5e36-11ed-96b6-06f7d55c061e,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.139.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CE1 43 B
216 B 413ms
128ms Image
image/gif 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=5f939bef-5c5a-19c1-9c13-cc65f0a1763d&tv=%7Bc:teQSze,pingTime:-3,time:332,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:277%7D,%7Bpiv:0,vs:o,r:l,t:332%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:332,n:332,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:277,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,0~0%5D,as:%5B71~160.600%5D%7D%7D,%7Bsl:o,t:332,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tmstvg0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C191%7C192%7C1931%7C1a11%7C1a12%7C1a131%7C1b1*.925113%7C1b11%7C1b12%7C1b13%7C1b14,idMap:1b1*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:278%7D&br=c
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CE1 43 B
215 B 410ms
129ms Image
image/gif 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=5f939bef-5c5a-19c1-9c13-cc65f0a1763d&tv=%7Bc:teQSzg,pingTime:-6,time:334,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:334,n:332,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:277,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,0~0%5D,as:%5B71~160.600%5D%7D%7D,%7Bsl:o,t:332,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tmstvg0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C191%7C192%7C1931%7C1a11%7C1a12%7C1a131%7C1b1*.925113%7C1b11%7C1b12%7C1b13%7C1b14,idMap:1b1*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:278%7D&tpiLookup=ao:buhgalter.com.ua*%2Cb421d36273e048925721661df0521728.safeframe.googlesyndication.com*&br=c
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CE1 43 B
215 B 366ms
129ms Image
image/gif 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=5f939bef-5c5a-19c1-9c13-cc65f0a1763d&tv=%7Bc:teQSA0,pingTime:-2,time:380,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:336,beZ:338,mfA:595,cmA:596,inA:596,inZ:600,prA:600,prZ:608,si:614,poA:614,poZ:627,cmZ:627,mfZ:627,loA:669,loZ:672,ltA:715,ltZ:715,mdA:338,mdZ:535,idA:627,idZ:671%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:277%7D,%7Bpiv:0,vs:o,r:l,t:332%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:380,n:332,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:277,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,0~0%5D,as:%5B71~160.600%5D%7D%7D,%7Bsl:o,t:332,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tmstvg0+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C191%7C192%7C1931%7C1a11%7C1a12%7C1a131%7C1b1*.925113%7C1b11%7C1b12%7C1b13%7C1b14,idMap:1b1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:278,sinceFw:100,readyFired:true%7D&br=c
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/ Frame A11D 7 KB
2 KB 45ms
44ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1512275
accept-ranges: bytes
x-amz-cf-id: IYD_Lf_UrfAMYA7niW4B9cwQRCCjar49SobACAuG6Mh1vWvFbvLSwg==
content-length: 1947

GET
H2 200 AdChoice.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/ Frame A11D 31 KB
7 KB 45ms
45ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/AdChoice.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4e4070246112213095f9384e25a87d0c5b0ecf0ca21b51984e54a2fe79532448

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"8c9f70f4926ae612be57ac110d465dbd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1421550
accept-ranges: bytes
x-amz-cf-id: k2n6cARlEstbhZ319t3VZOfQJS-Rc0GcmfzV3PBPcKx2Pfdju0UeAQ==
content-length: 7202

GET
H2 200 728x90.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 5 KB
2 KB 291ms
291ms Document
text/html 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 678ebb4a2b5dd3d3e75cb750d6e4a22ec4cd79b5d4e8e0d53fe9e0ee06487ae8

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 2012
content-type: text/html
date: Mon, 07 Nov 2022 00:55:23 GMT
etag: "9509c5e70c6fe1c48e2db5bdb5d602dc-df"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: ATS/7.1.0
vary: Accept-Encoding
x-amz-id-2: I15bBWi6S70nJKxN3ZuEwUQP4Ti0aAEjMaeKb6ndTqNFaIcbF9UP1FTIUo8MLfW9gzHxDu/z0Z4=
x-amz-request-id: 19ZXQWD6EMNK7DQM
x-amz-version-id: 38vAmFxKwELBevsCDRfw9Ae4F.o6ijy5

GET
H2 200 IntersectionObserverVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/ Frame A11D 10 KB
3 KB 45ms
45ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/IntersectionObserverVisibilityProvider.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"e3dd27b7ab9e71c38170980ebbfc1df7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1421546
accept-ranges: bytes
x-amz-cf-id: MrSQCdhne7F-R_5Bms4LDj2h3yZiAIk8FH3MFfqDIazMT0I8lUojDw==
content-length: 2969

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CE1 0
0 79ms
79ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUQUZaLNzpQ0xSfEFYYnf04vH_7YWFQyAkrImsFvA0Dfj4rTKOXDbl4rGxQZgMeF9sdoRpOy-QYMbu0KrysAeI_I606tvYgP0-yOTytV6hmuvbh43CkMUQxJKRwdolJdzPq7os4c7kOIKioqPFqjRRxEzSU8s3fb-bVouSLkCDmt0bpsd0z3_3I7u1mxP5uzstZ5xeQ8M-BQY-tYlMr1apJV2Ern0O0vGWGAVhPCsNrXKny6hAwWOVtKhfESntiziOt80rBDawI6pMFPVOXFsCnp74btWgNGidBjHBjzMdtlBiyc9u00SpBsbGa_3LHDuUxOOxOJLFWBCjbHugWU8glnESeuKcRSAbmz84IeRaKXobUbtEhXgIBCCabf78qRU6fpKT9UQFVQTypqLvHX_M1QTcJeijg98d40x5YEC3rKpZiyqkVddoZU6Q9vagtEEDbvvab6tSAogtbMZzHg7CDjuS0jtbuSiME_OiqCS3SN-wgrGZFrObCx36kgGCy1PxBjQAacNcCeYu9Qf0krUzJ0yK3Idb1UNi4bgUyQq7ppcHiMrf5utz7mcM4xD_ATY51L6-mCff6fGYvS5lKDVRdhDuj1yMB3EoNnPOY-OeJVdlUI4fChLB4T_5IesvhnvVmswKrIoaaVspLUP1fBQVQha77IPi4DofU8V4sD_1-RapVwtxB67mM7_vjwrliAJysrIqd8vrpZ1fsXf3VHCj9Uc6M-TZFmAoH7hBLUYjGN_BN7vhLJFHuZeXWrIUuoS4aFMwt2pBvqZt_I_OhO1qFuKeA5I37goFFvBHWEWJ2yD8XrmxtMg3dBI_B4B_D3NoMidzjovWmmdVFdKaZkhXlbBI9FTW0kP39ljkkZ5NmOBsipSjxKyqH_sRtE59suy7TPIzhXtmgwewgXcnoEvXTq6N7QQfu8F0AxRTlkSrpdePBDIAUGYEJZraGB-_ceXi8EEd8RgXSRS-Vr4-cYObgToqBbe0682_xIIxu4Bhp36AgtBQoC-sNLUBwgcFJguc2JuM9uKaqOgXF_qJvOXfxmuCoq_3EF2mVLRfYHkTzQfGMu1se41Pg8bDRoM5uhEc9KFJPr4sNk8nAv2H7vHskbs8gHzVhD7Kn7a9XJeJ6TbqOl6TMGnVfDV8whsI6OkWl4s-r-RYY1aVhUMGYVpxEXh0ywnsMBoN1gwI3iK2bbjht-8s3JkeNlX9qgatpzkClMn3rPBj0CUnXJORqpwrkV7Lxk3BZT7At0_XB99kUHHSHcO0qFsCPR6qv15je_kdq0Qas_Wt6Ydtk6FjNMxzs61-E74VajXseAoBEFyWpAV2UmcAk8C5CksJ&sai=AMfl-YSNiNH3RR90-YclqbbBFVhf8igHImXGKtzyK9Ne_Gt083eHfHzHV0wtKawLgnx1qPIWJFHucK-8FUqHGOMqrOB9Jh69vNUs1mkC6jSEMpMhAX8CCCtYskcaJlUYJdTcJxxJulCL-StFVln8rAGjKos4p-aJk_PtUCe3n23F2Mb9887UJS0xDeuC-WCdAK-m46t1jRnsas0UhgR6_4rD2ZB6gSFur4Pzif-KKtI_KzW8poxnXoIoRUFF6avlWiFpBHObXnA7pPYhUA&sig=Cg0ArKJSzK4lQbHFbxC-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=495&vt=11&dtpt=273&dett=3&cstd=216&cisv=r20221027.48947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F87 7 KB
6 KB 140ms
57ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94e8c846fd713c731a3025d03cb807b2c9b997d8be69d8745f04bf2d0ef8c573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0

GET
H2 200 OBA.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame A11D 1 KB
2 KB 46ms
46ms Image
image/png 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA.png
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
last-modified: Wed, 22 Dec 2021 10:52:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "31463dfa117c756dc021835384e93387"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1411
x-amz-cf-id: CbqDQXkc_9tV3IWBc6Ckd7XJAKBUBUvK2elbOuYm_kN7FEjOIfWviA==

GET
H2 200 OBA_DEFAULT.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame A11D 2 KB
2 KB 45ms
45ms Image
image/png 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA_DEFAULT.png
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
last-modified: Wed, 22 Dec 2021 10:52:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "cfebfa91510d9fe13a4186ba4c48596b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2198
x-amz-cf-id: aYC1r_c6-kPQ2ItsAOFCoQxmIXFgLSRq9OBWZRz9sg8HIatnma6G0w==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45DE 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B80jHeldoY4yeEYiQjuwP272P0AsAAAAAOAHgBAI&bg=!W1ilWBzNAAZPh4lnb4c7ACkAdvg8Wq-vXtH7EN45a7pKf7TkI2pq0-gCjLMDS_YW5Vv3PkVLFZEspwIAAAFAUgAAAAJoAQeZA0K8VgNRtz-0LE18DJ6lVXN4Q7tBw8WJHJK8BsM-QnuhCuQMTCw3ICDYdBH_dXpi-Rh4O5ESncfuBCg-oiFELPTWAIxhS-T-GleDDi-BzLxVumGPVvtkLTHL1NTqIdOXU9hpjyP_XUi2wCTqcA5kxQML-ZWlwlwVdoI4rjA5tiiONSLJF9Vf0-W9naaaPRYAMV_Asq43cTQTv3JWsOh_upxW6cTIzzn9-Hi0gr2O5d57bLdsaoH8AYvbE7tUW0m2gu-3mvq_ZmXlBfqcc6MWI3zNq2HJPWLQEHL_kMANvmyoE6hdnCm9HXaWw8ZwOJwDq4hbHh7OO7nAcb_aXRfdVeI7dbwosbJcGg4BVLdUA9glqQj1s9lc_hMrx0C3H9JBkJN6r3A1G8NoAemLhzFwF5YxqVioig9GyzrQyBNKHaB3j6KVJxLNliaO17tBQyXNYGEP9V51MkV-ED8nw0QJSdA50JBbOQU8SrT5ou9sV7fOBQ8itzzNYOhESnZnKZr_eQ6OJNGEKiMxb3Ck7G0IfwE5_7I_BYAKATlFFaW_ijnUS58-3rUzhWfZoDT1D1_oOKXL51uCtjxN8V9XLJE52sCFPVQUoT7mEBiVH4duflgnAojEppXuEw0-Z1XnwpSxJqjIn_L4lNR6j1TYOUz7O0WiVIUMtTTCTyuYqaNpev6OFytpHwI00okc1T3Fk6UyjRAZuv0iUiPlsKOJKJ7hQY5RjLoWm8DCJGiVBELLZLqZFmHwbs_gteO5NVoGi_NFMJYyQQ-4stzZAnA0hXflUpi6y2ZqgLVWEHOCjwntUOjiTimaMHwe3UzvnAfyl75l3yhSKqmqGB1HXGMLHC1Dji27ntf-y0zhl3rWtaqONrjBQA3_GpRYK5VKquL5P6VAHR3S4V6wAEVjfnAAMOzxidKsWZvgCO5ALgZUNULSDFX1Kcd2SwoPzX71AxjZ4aMPcb7hrPboD-Y6XJBXdB5vEfwtcY2nNJ1jea5au1FbRPb5ZavI97W5zYVzZhlUwEox9v8xX-AqrWV1YqrusVdZoZLE6Ue42RlHjgIjHXifNJYJI7LdfejR_6h3I6zsaiFO6tElrwllG_FaKB8n256kTovFUqg

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EA 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDhOfe1doY8O6BtGp3gOjsLMQAAAAADgB4AQC&bg=!EBOlE1fNAAZPh4lnb4c7ACkAdvg8Wm32lc5w1LchCbPoVNGgzeQFIed50mTD-5LxmPnF7-kRIG_BgwIAAAFNUgAAAARoAQeZAu_mKUkZ41bVLzNNQSHE_iicimvi4GiuK1jbQohKhZ6pHQXYbOZKH_hKgbbxu0y_UPGvYn2E-8a4hYBHbY7Lu5p1b6x_yVJEAgB6I4Txeb5DDTPfltU39YHbAb9nZIBijJ-_rjBzhflmkK3Jo6EtCbAgA8KKzBPbJtYnnkbNK8L2rO-CuPoF5gCyQ_CrWfKtz-Js48V5skyknYKu33XVRQl-1pciCXkpR0nbuAwCDJPLVlHLndxLR93EWsxOQCChVyt2C6sd2tPvnPbUmDPap3nyrPsetTaSyQ28RUReygQSepiM_K6OYqL-S-L88Qi_86EuCTq0fQlF0AOC5TgA3AFr-RDbGToSEjy28M6qn4fIfu-jlDtegNz5hNo_OxC7TDbKTwJJFeo5ujXbeWoBpno8hAMxxQ6xuqo8S4sJYLcbeCWk8d8K6VVUMCLxh1S6hCZuyQSgjs795BDRNRtpDLoQQhUMX4HKa1u5N-mdIJwC2op3tfZvWrB8QpwjHU0v-2CqhfDUQpexo4K38_J52EpRilGJNbJBwZZzdZ3f0MorulP0EfJ0rvRy8JPHcFsZFEBSMuFBHD_vUTfr_UkNWYZS-BvzsON9-GedyqNd6KSFuZCTGEVi-KAp9nWwi5Bz9ygDKul5CKJsfdJeP-cmZuDbonYaQw2AX84ht7q66pgWGNlE0wHJP1qmv7Mk7k4SmOvQaYS8HU2gkzKLXGX9_DCKBhji7ixs9gprMLLjrR-sroZQduhj0aDz1zZ9dyTW3zUZcOyAILo1Ceb3S_79Zh1mWKdAvqXU4a_nhmqlmy2DO3CEXwXc9pUVgnyZ8nuaAqdbOf8Zfl-w_-D6QfL7SP4sKw_KB-9pxQla_rZs7Va-OWBwOYoWdpzmUezzlbZJpI7GfIdJBxZ_ot1T7Z1hHPnpLMgG0MT-U6zbjF8KiBZ6BQ5YeoCMbo7prQoxB67fJ8FWToMbnlC2tUFXNqPKbPWZnode0qqR1H11M0EXtixH

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D9 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BP3-Ce1doY6_3CIzX-gbd5r_wDwAAAAA4AeAEAg&bg=!0tGl0ZXNAAZPh4lnb4c7ACkAdvg8WqAtJNku49We2CNc_uB0ree5AgpT-YuMT_bFARf-V8kWOEyY5QIAAAFiUgAAAAJoAQeZAvzB1G86PjXVEt69bniLZF5pPnHavD5k3sgmUsZ1j5MU3uSKg_3gUYxXhF8A8LlW9FBhLVSV_GJ9XiXdm5u4NT0W2uTbgPyjHLvZ7RiXXS9sBK-jOB_CcXMAkWONuJn4cXv1AMus_tTUn3hbrNZrP1Nk1YnNfKb0lC01dbJFPTaEbHNUkDn9f8kdjczXIcpEa5ftxaHsoYnh4UsX_04sQfOf_wREyT4HGU1dYwfIS_G8gmLgbTw8OADFIiNsB5-OcPyokOpDD3B-_95IZbU1fE86760JwSKyavE8VghY5ERzJE9DlUyh4uDwfBvIVG77vaKFZZXvr27BYPExK-yVOQJbwMnZ6h1JMQ2ChzSl1e8fJCR8fHBAuNi3ws7kVJ0IiMCac5dGyGyQbDDkGgffr_wQqDZo-PJ_EhKRijYaq4RoTgBK73hh2d5C2MZFEhV93mRCS3nCAEblZ3zjWVLj2Wo_7s2P_zQXUpRwveZwcI0CLJQ67BnpcKhj_dz9dUHYS9ajAkKeZfW96gyPRfOseipcIaHnYPvrBJEYkzS0VN43SlLfRytDiPZqye7-82pzHCCDA0xKwux_4ksSa1KXa0cVbm9p7TZg_MQ0mPK4JB97NfONgDMSFyz9_JsuX_eCHsdtDZy86zHCJjyntAH4eshQeNyisx_uRDu3nLTD5TfXZJYeO6bTTtJEjf4fH6Q6ymEon4KIzwlAs3IzDjLCMW61RL_oaZvpvvE147H-pKtHTLF11bMQNzNHY1oAJizDvQXGqqoevmHvh1QQeNky0UIY7pB8UeiJlT9M9ozm1q3U511KGxza7cgdLu16XdYfs51no1_NFhndGfLOLtPNbodwEjiwyqrb09hppvNzJUaSw4bC-TuD6TIL1w9y_dbDOxckz4Pabos1BFGjW8n0x7jzU7UzG3x8S8CtnotgkFMsey8cVfbZs6_8yDsTwYGCURnM_quLhbQ1-32SFieI8Nnf1rruTLmRL35iezMDMSTTs2oO_bAqPF9MFO6Vbw

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F87 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 00:55:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F938 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnmI0e1doY-zpCNaW3gPvsKHACwAAAAA4AeAEAg&bg=!GRqlGl7NAAZPh4lnb4c7ACkAdvg8Wulh95nyD8wVgdxreyv53bM4ok8rDfiYB27VzhFIimDDgVpfhgIAAAEWUgAAAANoAQeZAz7nM3dHXUnw-ARWIGqcoxB_hcX2TvqgzPgLTUXcwhX6-9he2UAcdQhp6yTI5XhMCid_3p34fUZmESyItXq5ivumZndjw2wivUpQU4SYpZvcS23Ci67aWKmKFGe7h9__JPTC0BD_InTj5wMYdRdPwopeBLDvPr_5nxT1HwKTm4czyxcw8QnDU3ZcKpJRVB2R8zecIO6F4Y-CReQ_DZv5CUx2fvFkXK9SC0pxBPZ-wl9D6enCgJXEj0WfjsuL61xs7jX_LBhhQwBwNzPA3H5oixAgaNnSuTatl42vtxqK-qiEO6QA8DF-dn2iEKTUvAmyRas51rRwTQ8JbRFonzdJ3AFQQ_kQFaaiATLZm4yuLbdbjlD2suGnZGBwCauZm4QAhH6qE-NuvgzXlBkrHCCHPlSDEE4MY9qH3ZVCRvc7q33yoyCCzYBCSoGVIkf9kSm3hcKKgSoPNKcYZU2edzAkqGVanTfWry41fS7Gt3JcB48R8fUCgS6vKWBOpXeOLdFzcKZ7qMLYulSojl4MOITLfoLgNrkCF7KB5FxDor6FzSKWwl5ggBP3VMjyssmcHLUWuV7RIu-i26KO7ww8d0UH7EfLa_nr0ogoF5h0yzwtt3Yo-x0vqkIC7zGpK3XZIZMVjMA30DKo2UwD0tnZFZCnGmzR0ml7JAySJGv4zBzhYcLDEy-QPPUPqVnirOazyRJs5LRPeTNkbZmSvALGqDeEI2vM668rg3JWPiZKjGGsVS_iC4Qf8oqVswUU9VOz3Cdu0YyKVvzz5bNO-cMx6-_jXTR9JUKT22Ql6B5ojPIvm0kI1oc6d1ejETd-MRfXELb-0jGB34nWCRuKmqiDPzgHKkhUSbYbb6o4mTj1lLMi2ZHmSUoVmqKfwJ7ObQ1egGs9GWWhwD34NmOeFjaHU1GzLRPcwxjepcpiZjkcvDuTh-WpIGcfCwf-pyDtUcgDrLHuCy2ox1c6eZMYI-5Luhvo2_RNlLAyIoYXdpJl2AsHPwGSA3YmRUN9NVg-HXeA5uPFmp6g9XSmWz-WqDIyWXxP8Ss1FAsDjoBmGZyeSJfZAPHbsamMGLkq6oj2jPXHMFwYkb3AIKDfopPkjlHZ5ldPYg

Requested by

Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 37DD 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 16:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:06:40 GMT

GET
H2 200 createjs.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/createjs/1_0_0/ Frame B65D 236 KB
63 KB 49ms
49ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/createjs/1_0_0/createjs.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:24 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 22:49:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"2c827824a670702a535169f076c36254"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: DywiWjyI3zOiE4cLPX8ZnVZCEnunLdvJeSNESXT6ftTuE5fGVigihg==
content-length: 63952

GET
H2 200 728x90.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 9 KB
3 KB 295ms
295ms Script
application/x-javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: a27087d9a51e66b5379a365607065df4f882b9190c3217064a2efad7ba680e15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: GXvnxLlu3RD.eR3rH4UUNiROs8i0WP70
content-encoding: gzip
date: Mon, 07 Nov 2022 00:55:24 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: ATS/7.1.0
x-amz-request-id: 6DWB27B2EDBJZV85
etag: "05b51c227a493c26396dbc1607209e15"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2321
x-amz-id-2: BNl0OTINoUevFwz4TdEz8LkX9HKEFzW8EY1yEfdS9nHHI2xigi2H37iQgtDXZyBERe+0+kFdB4k=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8CE1 43 B
215 B 132ms
131ms Image
image/gif 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=5f939bef-5c5a-19c1-9c13-cc65f0a1763d&tv=%7Bc:teQSFT,pingTime:-10,time:745,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1667782524060%7C%7C4335795ca2b6d0f74858143dc11560fb%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C22f3332bca65a365f6b335b802a9b71e%7C%7C8b8c506bc1e2ce3cdbc02334b9aedc66%7C%7Ceeaf9c18317c6093239676be212e7803%7C%7C0de9fe98f4aef485f30ecd2d9540537b%7C%7Cb7d46303d5009ea7f322e553e8a5324d%7C%7C1663701684%7D
Requested by: Host: b421d36273e048925721661df0521728.safeframe.googlesyndication.com
URL: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 adkit.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame B65D 71 KB
71 KB 48ms
48ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:24 GMT
last-modified: Mon, 24 Jan 2022 22:46:45 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "257b68f9ecc3e5a28f10fd241e580d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: d1jfVHeTDp7s_UrlvpYl0n_u51MQqXI0XDey0ozsCCG8A49dYQKqIw==
content-length: 72672

GET
H2 200 config.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame B65D 11 B
241 B 45ms
45ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/config.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:24 GMT
last-modified: Mon, 24 Jan 2022 22:47:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C2
etag: "9b623b63a22644fd1a4bf2b3af3481d3"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
x-amz-cf-id: E9KroIjMfwQkD8UkW9n7bhnRlonOBHPJudbmr8q0xLL3yyt2Fn__IA==

GET
H3 200 160x600_NH_D_WD_Affinity-Art-Culture-Gallery.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 2F87 14 KB
14 KB 43ms
43ms XHR
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/160x600_NH_D_WD_Affinity-Art-Culture-Gallery.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60aa4db6d951ec9c250ec0907a1f93246e8f42a1cb7dd114242b8b7c52d78a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:50:07 GMT
x-content-type-options: nosniff
age: 317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14648
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 16:31:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 01:05:07 GMT

GET
BLOB 200
OK 450928da-2644-471e-9090-21e98e501dfa
https://s0.2mdn.net/ Frame 2F87 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/450928da-2644-471e-9090-21e98e501dfa
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60aa4db6d951ec9c250ec0907a1f93246e8f42a1cb7dd114242b8b7c52d78a8c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 14648
Content-Type: image/jpeg

GET
H3 200 en_GB_imageanimation_NH_D_WD_Affinity-Art-Culture-Gallery_160x600.js Show response
s0.2mdn.net/creatives/assets/3199196/ Frame 2F87 40 KB
23 KB 43ms
42ms XHR
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3199196/en_GB_imageanimation_NH_D_WD_Affinity-Art-Culture-Gallery_160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3eca61be6ce7f48f0438c9417cd36767ca6862f86e796cbc4dc0c95e0278f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23699
x-xss-protection: 0
last-modified: Mon, 09 May 2022 10:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 00:58:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F1E 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3pzPJL0Oz1CbGh2ybWtEV0WPYa-jpankEFypg6_6QNFbq5gYZe5h0xcSAS5wsFS-4Lr6nYlPJer52W9Fo5aWNKdGJTXYqO9tPEeEACcrymAwO02KQu2MhVmItA_gEtDreh1FcFw&sai=AMfl-YT2QHaGHsBqxGdnVmijioiAPtP3BzKwf4V6ObToxP8u6iJwzLqeUxw698JHfM6zIDi22Zup0aBoyRudsaFpWafSkhNE8T2k20Ila3W8p6RHv_CE-s0V6FqgQpOO87E&sig=Cg0ArKJSzOjVFLpfNZxTEAE&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&id=lidar2&mcvt=1001&p=898,1160,1148,1410&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&vu=1&app=0&itpl=20&adk=2541184592&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667782522991&rpt=282&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js-animation_en_GB_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 2F87 75 KB
20 KB 42ms
42ms XHR
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_en_GB_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10309684648181567772/index.html?e=69&leftOffset=0&topOffset=0&c=RIv4wR5awE&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20098
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:44:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 01:07:47 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame A11D 0
230 B 297ms
41ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame A11D 0
230 B 300ms
43ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame A11D 24 B
631 B 46ms
46ms XHR
text/html 18.198.85.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=2545091506890470032&ai=1086651859&usercookie=u2=a6bb5c9e-436b-48e0-aa8f-ed2ef58b0662&oo=0&clsrc=2&clbv=_2_227_3_0&gdprpurposes=1023&dg=1076884561&sdg=1077682784&ctick=627&ord=0.015248037170354278
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame A11D 0
500 B 47ms
47ms XHR
text/html 18.198.85.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1086651859~~0~~1076884561~~2545091506890470032%5EActualSize~728x90x0x1x0000x0x0x728x90~0~01020~630$$&usercookie=u2=a6bb5c9e-436b-48e0-aa8f-ed2ef58b0662&rnd=0.8057562846528636&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame B65D 12 KB
4 KB 47ms
46ms Script
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9fff3be6850d99a91d7a75095d6f2da3acf82515afe7d12a8ae15471fdce69d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 12:53:43 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"12ebd542534f243380a8597e8f3d0ca3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: kzJzUEIXx9jfmaRy1AIgEfaDM2gz1a4TnlD_wxJ6OnZLQ2w29YCgwA==
content-length: 3622
expires: Mon, 07 Nov 2022 00:55:24 GMT

GET
H2 200 NH_D_WD_Affinity-Art-Culture-Gallery;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrJPrhu6a-wIVVot3Ch1vWAi4EAAYACCDqtFNQhMI2cO2hu6a-wIVCIiDBx3b3gO6;stragg=1;&timestamp=1667782524353;str=LH/NULL/386/amadeusBestPrice/ Frame 8CE1 42 B
494 B 182ms
79ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrJPrhu6a-wIVVot3Ch1vWAi4EAAYACCDqtFNQhMI2cO2hu6a-wIVCIiDBx3b3gO6;stragg=1;&timestamp=1667782524353;str=LH/NULL/386/amadeusBestPrice/NH_D_WD_Affinity-Art-Culture-Gallery;strtype=2

Requested by

Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A11D 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVT3UvVt2lqZSJj3XTwpp18wutjVUM8UIdIXiNqfNBW0WiS98EUyyOPJ2Z0Pkw0U4K5WjbX_yT2h_rt0B6GaFSA07hMytaPYlv_HAvCJBnnhVdfMErunfWj5Gu&sai=AMfl-YQysc40HveuWk1ip9QnfT7xQV4NIQMw7KkiyYT1wv3fOBOfumPU7mSNpEpXlyrZhdDUiiP28h9Ri4CepwHcTWGl5n6bsD_N5HGFs-R2JUJp59mCZnk-9HYVngIi_Ro&sig=Cg0ArKJSzBlB-Mmhz2WPEAE&cid=CAQSPADq26N9P-iQ2CR10tcO4Qn2VNG2t4heQ71sKGjZCqYF6xBXPvpxy9g03YzMsAA3ScVgYC53s_rcJ-aTZRgBIA4&id=lidar2&mcvt=1000&p=40,436,130,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1472868681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667782522804&rpt=569&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://b421d36273e048925721661df0521728.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EB.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_156_1_0/ Frame B65D 83 KB
29 KB 48ms
48ms XHR
application/javascript 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_156_1_0/EB.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2ae0a454f7ab15c89d610835eea875e704173af6b217619762ff264cd8ac6dae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:24 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"e216df8f91dd9d34b2e147d34e944524"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1512360
accept-ranges: bytes
x-amz-cf-id: Bf9lNnLh6ZykrYQPfSqP_aUIuMGabmGP2F4UygJFeqaRkGiFtRDplA==
content-length: 29333

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame B65D 0
191 B 186ms
44ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure-ds.serving-sys.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://secure-ds.serving-sys.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 background.jpg
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 12 KB
13 KB 386ms
386ms Image
image/jpeg 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/background.jpg
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: f3813d6cc9470f8354e367fb821744433c87b1a5b269d2e4f60473570148cf40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: NHmqWp_5mLDk8a5QEKd5OOlqX2vo2QLc
date: Mon, 07 Nov 2022 00:55:24 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: ATS/7.1.0
x-amz-request-id: NGAAAS0F3EVEX7HD
etag: "dd2033027a8cd5f9132224d6f2996351"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12722
x-amz-id-2: bMOiF548UHnkTSHrGG2GHkCi9v82p+FZb8sJ8KhoQG9i1g63tZskAZjYnyf1l04oXvw73Ne/dt0=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2F87 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 button.png
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 933 B
1 KB 289ms
289ms Image
image/png 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/button.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 72b9bf3b3da6ba394b7e713b6fd97541eee40888675ce352e13e572e671b69b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: rX4GElCi3UhL_1SDkW7xNzAMBlBcvOjy
date: Mon, 07 Nov 2022 00:55:25 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: ATS/7.1.0
x-amz-request-id: 4Y153Q0TTS7M5HDC
etag: "3d52b211b14b9313aebf50b038ce71a1"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 933
x-amz-id-2: v83o8AIgN5JBHvlTqwKcfC6HWDYSQsRQTvhoa1FMoKC2ESkncRtTzwRKjiNiTJ2AK0kMYM26Cys=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 copy.png
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 1 KB
1 KB 297ms
296ms Image
image/png 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/copy.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3c2b4bd6147e77fc433bf6b66fed2eeff9a78d0ba0f3e08cd9ebbf2b17be51dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: x_7flXdh4WdNRN5Af_nLr0qD.Bnze5Cp
date: Mon, 07 Nov 2022 00:55:25 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "9176a6ea5f76d22f1bc82028f7c575f6"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1090
x-amz-cf-id: WCbWQ8C7rpdgJwam4GO9jmzI4j-Vnp4rVYfT1uS5MyvdmP1CRlvJ2w==
expires: Mon, 31 Dec 2035 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 109ms
36ms Preflight
application/json 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://buhgalter.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://buhgalter.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 407748
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=TGj6tHxhVzV3dmpWeUdPNGZCR3FlMVJTQ2U2N24vMUUycWI3NHBrNDdsZHRUSUhKb1dNNURkdFFvMHFkZ3lCYmIyWDFuYks5bFB5WEhtSzl0aUswZm9UcG54ZnU2d0NJOHE4ejNiQWZYVnVGS0NGdUUvVFNFakNJMStNRH...

0
0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
626 B 264ms
42ms XHR
application/json 162.19.138.82

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

cbaca2aafa611676af67c5d10f94ea9c2df49dafce60c1509a902a11e379161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://buhgalter.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhgalter.com.ua
date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 204 /
csync.loopme.me/ Frame 80D8 0
0 40ms
38ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
server: _

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame ED6D 281 B
554 B 256ms
41ms Document
text/html 23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Nov 2022 00:55:25 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cs.html Show response
cs.seedtag.com/ Frame F14D 50 KB
16 KB 100ms
42ms Document
text/html 104.18.133.145

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.133.145 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 424
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 76621a6f0e9ed21c-MAN
content-encoding: br
content-type: text/html
date: Mon, 07 Nov 2022 00:55:25 GMT
etag: W/"13ca649e3208fe62aac60882d95c54f3"
expires: Tue, 08 Nov 2022 00:55:25 GMT
last-modified: Thu, 20 Oct 2022 13:01:08 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1666270868306825
x-goog-hash: crc32c=KeZweA== md5=E8pknjII/mKqxgiC2VxU8w==
x-goog-metageneration: 2
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15213
x-guploader-uploadid: ADPycdtllcXkb8VY9MnmkiaTrf7j9clphpDlTh8mg6ESmcdlrjaxi7I_K3iacHu7JbneAWxs_Bhx9GvMQ9fd3ANOfJTwTg

GET
H2 200 / Show response
spl.zeotap.com/ Frame 6750 8 KB
2 KB 117ms
46ms Document
text/html 2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f7e6a5580a5777aa477f26640eecfe4ed9371d173ff7d1281c9cea1ae6cb31

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://buhgalter.com.ua
cf-cache-status: DYNAMIC
cf-ray: 76621a6f2eb90091-LHR
content-encoding: br
content-type: text/html
date: Mon, 07 Nov 2022 00:55:25 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6601 3 KB
2 KB 91ms
29ms Document
text/html 104.18.13.76

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 94
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 76621a6f196d3607-MAN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: Mon, 07 Nov 2022 04:55:25 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C24B 52 KB
17 KB 256ms
45ms Document
text/html 23.35.236.188

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 07 Nov 2022 00:55:25 GMT
ETag: "623de86a-cf34"
Expires: Tue, 08 Nov 2022 00:55:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 28CB 15 KB
6 KB 280ms
70ms Document
text/html 88.221.168.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19303/hb_299506_4371.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://buhgalter.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=23785
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 07 Nov 2022 07:31:50 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthem...
https://x.bidswitch.net/sync?dsp_id=354&user_id=85ddaa7e36e745a4b1fb1122859e8875&ssp=themediagrid&bsw_param=4a0366a6-15f9-4555-824f-d04542524811&gdpr=0&consent=&gdpr_pd=&expires=7

0
0

OPTIONS sid
mug.criteo.com/ Frame 0
0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 6750 0
0 36ms
35ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6750 170 B
188 B 54ms
53ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=9a222cc1-fa9b-4b70-b97e-244f454e9f41&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020...

95 B
152 B

55ms
54ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=9a222cc1-fa9b-4b70-b97e-244f454e9f41&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 76621a71684c0091-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=9a222cc1-fa9b-4b70-b97e-244f454e9f41&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 6750 0
331 B 206ms
48ms Image
text/plain 37.157.6.247

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6750 70 B
264 B 150ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 6750 0
161 B 111ms
36ms Image
text/plain 2a04:4e42:400::300

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1667782526.546916,VS0,VE8
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy19226-LCY

GET u
dmp.v.fwmrm.net/ad/ Frame 6750 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=144B8434-3FC8-4550-920F-6FACB83B3751&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd...

95 B
180 B

54ms
45ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=144B8434-3FC8-4550-920F-6FACB83B3751&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 76621a708fb80091-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=144B8434-3FC8-4550-920F-6FACB83B3751&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
date: Mon, 07 Nov 2022 00:55:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

genericusersync.ashx
sync.tidaltv.com/ Frame 6750
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=136...

0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6da86a98-0371-4a87-6296-10316e5e1c79&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6da86a98-0371-4a87-6296-10316e5e1c79&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=49986690031227565273538504277502134209&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-...

95 B
152 B

46ms
44ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=49986690031227565273538504277502134209&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 76621a71b8790091-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v045-06d6ad95b.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Mc/4IASwQjk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=49986690031227565273538504277502134209&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 6750 0
324 B 202ms
41ms Image
text/plain 54.78.254.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 -, , ASN (),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7163071401727162523&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-...

95 B
152 B

59ms
57ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7163071401727162523&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 76621a7108010091-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7163071401727162523&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Date: Mon, 07 Nov 2022 00:55:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 6750
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79

95 B
122 B

70ms
39ms

Image
image/png

35.227.248.159

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6da86a98-0371-4a87-6296-10316e5e1c79
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6da86a98-0371-4a87-6296-10316e5e1c79&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6da86a98-0371-4a87-6296-10316e5e1c79&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=zaNRJzJjqnWL7UROjYfqse&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-40...

0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6750
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296...
https://mwzeom.zeotap.com/mw?cid=

95 B
152 B

46ms
44ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 76621a71e88a0091-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 404 tpid=6da86a98-0371-4a87-6296-10316e5e1c79
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 6750 49 B
266 B 132ms
40ms Image
image/gif 3.248.126.7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6da86a98-0371-4a87-6296-10316e5e1c79?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.126.7 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.216
content-length: 49
expires: 0

GET cms
cms.analytics.yahoo.com/ Frame 6750 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame 6750 0
0

GET
H3 200 v2
odr.mookie1.com/t/ Frame 6750 43 B
61 B 44ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=6da86a98-0371-4a87-6296-10316e5e1c79&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET usermatch.gif
beacon.krxd.net/ Frame 6750 0
0

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6750 95 B
360 B 48ms
47ms Image
image/png 168.119.79.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=6da86a98-0371-4a87-6296-10316e5e1c79&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Mon, 07 Nov 2022 00:55:25 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 6750 0
0

GET v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 6750 0
0

GET v2
usermatch.krxd.net/um/ Frame 6750 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 6750 0
0

GET 87734
tags.bluekai.com/site/ Frame 6750 0
0

GET zeo
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/ Frame 6750 0
0

GET token
pixel.rubiconproject.com/ Frame 6750 0
0

GET syncd
x.bidswitch.net/ Frame 6750 0
0

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame EF76 1 KB
1 KB 131ms
81ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58e8b7666b75f5556fe47b27c5693ce54d432e3c493ab4a4ab58e10449587b1

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76621a707c49dc97-LHR
content-encoding: br
content-type: text/html
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9Xmz6vnHyaZCxWrrapwGr83H4b%2BlSUwiAuFn4Ke1d8pfEjNU%2BL%2BX9uC0JNy9ry0aY0j7jk9RZFjl1Td2pMuPNBVujtTT1VseFJyV20aznKW%2FN06oj3Ml0ePi%2BWJmzLBcGmIPq4BXnMEBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 copy1.png
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 2 KB
2 KB 126ms
125ms Image
image/png 2.16.202.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/copy1.png
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-8.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: a50ee0d7059bba0a551a747f51496dd950307b63b635a2350166414f015536e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/728x90.html?v=_2_156_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: W8AX6mCXa.Vt_kQw5egTPJWmA550u8AH
date: Mon, 07 Nov 2022 00:55:25 GMT
last-modified: Wed, 23 Mar 2022 08:56:32 GMT
server: ATS/7.1.0
x-amz-request-id: HF4Q4GR8TCW3WQX4
etag: "e7c84122321088991cae4f8b50475342"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2187
x-amz-id-2: a9DX3NZNUsDISVsVcKGFZXkxv6f2bP//XSgZUrPawtBg3RYvcdILvh7vQ7ic0clo6fggaSo1Y3Q=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A11D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu

281 B
554 B

40ms
40ms

Document
text/html

23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Nov 2022 00:55:25 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 07 Nov 2022 00:55:25 GMT
location: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK CookieSync.html Show response
csync.smartadserver.com/rtb/csync/ Frame CC4B 435 B
744 B 160ms
39ms Document
text/html 2a02:26f0:3500:e::1732:835c

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:e::1732:835c -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Mon, 07 Nov 2022 00:55:25 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified: Tue, 22 Feb 2022 09:59:55 GMT
Server: AkamaiNetStorage

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E708 15 KB
6 KB 65ms
64ms Document
text/html 88.221.168.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=23785
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 07 Nov 2022 07:31:50 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame CF87 61 B
239 B 155ms
47ms Document
text/html 168.119.79.223

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1667782525472&pubconsent=&euconsent=&hasConsent=1
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.2
vary: Accept-Encoding

GET /
ssc-cms.33across.com/ps/ Frame CAD0 0
0

GET
H2 200 isync Show response
visitor.omnitagjs.com/visitor/ Frame 9B3B 0
178 B 140ms
35ms Document
text/html 185.255.84.152

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=

Requested by

Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 -, , ASN (),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: 0
pragma: no-cache
server: ayl-lb-fra02
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame C9F7 0
0 143ms
41ms Document
text/plain 51.89.9.251

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75601b04186d260

Requested by

Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 v1
match.sharethrough.com/universal/ Frame BF6A 0
0 173ms
40ms Document
text/plain 3.65.142.183

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.142.183 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cs.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT

GET
H3 204 s
s.seedtag.com/cs/st/ Frame F14D 0
14 B 100ms
39ms Image
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/st/s
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

GET
H3

204

appnexus
s.seedtag.com/cs/cookiesync/ Frame F14D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=545822583133375418

0
15 B

47ms
47ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=545822583133375418
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:25 GMT
AN-X-Request-Uuid: 6e4ee1b6-650d-44c4-881e-0b34cbc05739
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=545822583133375418
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame F14D
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1

0
75 B

67ms
37ms

Image
text/plain

185.86.137.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Server: 185.86.137.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:24 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET seedtag
b1sync.zemanta.com/usersync/ Frame F14D 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F14D 70 B
265 B 125ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

sync
pool.admedo.com/ Frame F14D
Redirect Chain

https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=b981e0ec-6af9-4915-87f7-1d5bcf69c02b

0
0

GET

spotx
s.seedtag.com/cs/cookiesync/ Frame F14D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=dd9439d4-5e36-11ed-8cea-...
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=dd94397f-5e36-11ed-8cea-1bbe6fc50406

0
0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame F14D
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F

95 B
222 B

46ms
46ms

Image
image/png

168.119.79.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Server: 168.119.79.223 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Mon, 07 Nov 2022 00:55:25 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
date: Mon, 07 Nov 2022 00:55:25 GMT
server: nginx/1.14.2
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame F14D
Redirect Chain

https://sync.search.spotxchange.com/partner?source=249286
https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=dd945627-5e36-11ed-bb08-1c5660560106
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D

0
0

GET
H3

204

improvedigital
s.seedtag.com/cs/cookiesync/ Frame F14D
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=94317cc9-1bbd-4164-b415-1375a0a7ca5e

0
15 B

37ms
37ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=94317cc9-1bbd-4164-b415-1375a0a7ca5e
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=94317cc9-1bbd-4164-b415-1375a0a7ca5e
access-control-allow-origin: *
date: Mon, 07 Nov 2022 00:55:25 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

204

indexexchange
s.seedtag.com/cs/cookiesync/ Frame F14D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2hXe2RZyFwZ9VomfUGXEgAA%263319

0
15 B

37ms
36ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2hXe2RZyFwZ9VomfUGXEgAA%263319
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QF5Jxf9hRxNx1wCeysMW24Xj%2FN9%2BG7dvPo1GIcUQHo7r3WSXO9UY7GHjNkmh37rCsA1dJqDaibzy255c%2Ba6rHtO5c7uP1zcoWQrVJYwGnKQ5P%2FdyMvP7EGnqSUPUsHQTLh5kS9nUdzrdMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y2hXe2RZyFwZ9VomfUGXEgAA%263319
cache-control: no-cache
cf-ray: 76621a707c46dc97-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

204

verizon
s.seedtag.com/cs/cookiesync/ Frame F14D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58427/occ
https://ups.analytics.yahoo.com/ups/58427/occ?verify=true
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Hd24vn5E2uHOuElXsMB.CUXCgPrU5qosyFoXopY-~A

0
15 B

40ms
38ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Hd24vn5E2uHOuElXsMB.CUXCgPrU5qosyFoXopY-~A
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H3
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Hd24vn5E2uHOuElXsMB.CUXCgPrU5qosyFoXopY-~A
date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cookie
cm.adform.net/ Frame F14D 43 B
106 B 171ms
49ms Image
image/gif 37.157.4.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame F14D 0
277 B 43ms
41ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
Requested by: Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cs.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Nov 2022 00:55:25 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ED6D 33 KB
10 KB 41ms
41ms Script
text/html 23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b05dc79113456e63176177d2878daf6a1de8f1fd73a70e6362c11e4ae13dbd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2022 12:59:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43446
Connection: keep-alive
Content-Length: 9885
Expires: Mon, 07 Nov 2022 12:59:31 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C24B 0
746 B 35ms
35ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 00:55:25 GMT
AN-X-Request-Uuid: 54054f95-874b-43cf-b126-e00eb582a240
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 28CB 5 KB
6 KB 29ms
28ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13380755&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f92dda6218c0a8ceaa30f15633b7b3487f85d15ad7c3e027178a044539e7c9c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 07 Nov 2022 00:55:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6A03
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=

35 B
466 B

49ms
49ms

Document
image/gif

37.157.6.245

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET

Pug
image2.pubmatic.com/AdServer/ Frame 0BA3
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7185896234098286157

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0DE1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82846368-577d-4100-b174-c8d18d5a97ce&gdpr=0&gdpr_consent=

42 B
555 B

75ms
34ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82846368-577d-4100-b174-c8d18d5a97ce&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 07 Nov 2022 00:55:25 GMT
Expires: Mon, 07 Nov 2022 00:55:24 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4629 97bee97 master cdg-pixel-x29 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82846368-577d-4100-b174-c8d18d5a97ce&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8550 43 B
363 B 118ms
36ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: Mon, 07 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 644561
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame 65CF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&dcc=t

0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2681
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=545822583133375418&gdpr=0&gdpr_consent=

42 B
217 B

112ms
36ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=545822583133375418&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: e27de0fe-a0b6-4959-afb0-ac6894383764
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 00:55:25 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=545822583133375418&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BC7F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mBIaYJsWGzqDGR89mEcBOZYUSWiDEh9rn0ChYKJT

42 B
342 B

109ms
35ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mBIaYJsWGzqDGR89mEcBOZYUSWiDEh9rn0ChYKJT
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mBIaYJsWGzqDGR89mEcBOZYUSWiDEh9rn0ChYKJT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1DC9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7163071401727752347&gdpr=0&gdpr_consent=

42 B
297 B

117ms
37ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7163071401727752347&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Mon, 07 Nov 2022 00:55:25 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7163071401727752347&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

pixel
cm.g.doubleclick.net/ Frame 1AF0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdkNVN0cwSzhBQUNGU0J0V0U5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...

0
0

GET sync
sync.srv.stackadapt.com/ Frame 304D 0
0

GET

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2E64
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

0
0

GET
H2 204 /
csync.loopme.me/ Frame A2E8 0
0 40ms
40ms Document
text/plain 35.214.236.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 176.236.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
server: _

GET i.match
a.tribalfusion.com/ Frame 50C7 0
0

GET pub
matching.truffle.bid/sync/ Frame 9FD0 0
0

GET cookiesync
core.iprom.net/ Frame 884F 0
0

GET

/
pixel-eu.onaudience.com/ Frame 18F0
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...

0
0

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 976A 43 B
283 B 192ms
39ms Document
image/gif 72.251.245.179

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Mon, 07 Nov 2022 00:55:25 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8338
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667782525671
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6709912834

70 B
264 B

41ms
41ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6709912834
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 00:55:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 07 Nov 2022 00:55:25 GMT
etag: RX383e2130a81d4a85b02e61e85a669071003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6709912834
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 28CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FEuEND_IRVCSD2-suDs3UQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

46ms
45ms

Image
text/html

88.221.168.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 88.221.168.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=23785
accept-ranges: bytes
content-length: 5549
expires: Mon, 07 Nov 2022 07:31:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f1ad6368-577d-4e00-b7d6-8996b05e4ffb

0
260 B

97ms
29ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f1ad6368-577d-4e00-b7d6-8996b05e4ffb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 07 Nov 2022 00:55:25 GMT
Server: MT3 4629 97bee97 master cdg-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f1ad6368-577d-4e00-b7d6-8996b05e4ffb
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Nov 2022 00:55:24 GMT

GET

/
loada.exelator.com/load/ Frame 28CB
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQ0Qjg0MzQtM0ZDOC00NTUwLTkyMEYtNkZBQ0I4M0IzNzUx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

74ms
35ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_xKDUmdbfTys_xgNGdKbo&google_cver=1

42 B
528 B

73ms
34ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_xKDUmdbfTys_xgNGdKbo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEF_xKDUmdbfTys_xgNGdKbo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 28CB 43 B
612 B 137ms
38ms Image
image/gif 34.91.62.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 06 Nov 2022 00:55:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8147882932685425809

42 B
218 B

34ms
34ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8147882932685425809
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 00:55:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8147882932685425809
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 28CB 70 B
264 B 51ms
42ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

sync
x.bidswitch.net/ Frame 28CB
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic

0
0

GET
H2 200 144B8434-3FC8-4550-920F-6FACB83B3751
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 28CB 43 B
425 B 180ms
56ms Image
image/gif 2a05:d018:d29:3601:66b:1664:ed6:c452

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/144B8434-3FC8-4550-920F-6FACB83B3751?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:66b:1664:ed6:c452 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8PPqSZBE2uXIXv4cH7N1enkwOvv4qXE-~A&gdpr=0&gdpr_consent=

0
48 B

96ms
29ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8PPqSZBE2uXIXv4cH7N1enkwOvv4qXE-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8PPqSZBE2uXIXv4cH7N1enkwOvv4qXE-~A&gdpr=0&gdpr_consent=
date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 28CB 0
104 B 201ms
58ms Image
text/plain 2a02:fa8:8806:12::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=144B8434-3FC8-4550-920F-6FACB83B3751&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 28CB 0
191 B 125ms
32ms Image
text/plain 66.155.71.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 28CB
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4417831177384936708&gdpr=0&gdpr_consent=&us_privacy=

0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 28CB 0
0

GET apn
ads.playground.xyz/usersync/ Frame 28CB 0
0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame EF76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1

43 B
840 B

88ms
85ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzuGw4vb2dHgHFM0JlYozN2CHkf%2BBB342foXX7jf5xRIoiDAhaEL7T2mYhKtP2O5XfeoB2RhhXyAag2ROG16opDhdvfJJpXsrbsEsJ5yfMj4Rh9sGNS8mKhmw32Zod5Yn7KHg3q%2Brjg0tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76621a716d1adc97-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJKhbptg22yXE7Z-S3RJGN8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame EF76 70 B
264 B 41ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET dcm
s.amazon-adsystem.com/ Frame EF76 0
0

GET
H2 200 Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF76 43 B
602 B 157ms
56ms Image
image/gif 2a05:d018:d29:3601:66b:1664:ed6:c452

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:66b:1664:ed6:c452 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET sync
sync.srv.stackadapt.com/ Frame EF76 0
0

GET /
b1sync.zemanta.com/usersync/index/ Frame EF76 0
0

GET

rum
dsum-sec.casalemedia.com/ Frame EF76
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4345773583347008772

0
0

GET current
casale-match.dotomi.com/match/bounce/ Frame EF76 0
0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame EF76 43 B
352 B 96ms
29ms Image
image/gif 104.18.12.76

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y2hXe2RZyFwZ9VomfUGXEgAA%263319
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 00:55:25 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 8706
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76621a717ff335bf-MAN
content-length: 43
expires: Tue, 08 Nov 2022 00:55:25 GMT

GET foreground.png
secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/ Frame B65D 0
0

GET cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame CC4B 0
0

GET
H/1.1 200
OK CookieSync.min.js Show response
csync.smartadserver.com/rtb/csync/ Frame CC4B 61 KB
14 KB 42ms
41ms Script
application/x-javascript 2a02:26f0:3500:e::1732:835c

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:e::1732:835c -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 08:45:26 GMT
Server: AkamaiNetStorage
ETag: "e887ffeb10fe1e5e78f4cd0280a52ce6:1666255728.542245"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13713

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync.smartadserver.com/rtb/csync/ Frame CC4B 152 KB
4 KB 84ms
40ms Script
application/x-javascript 2a02:26f0:3500:e::1732:835c

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:e::1732:835c -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 08:45:26 GMT
Server: AkamaiNetStorage
ETag: "89c36d3d06737a5284fa51f4d50162e5:1666255729.181322"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4196

GET token
token.rubiconproject.com/ Frame ED6D 0
0

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame ED6D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame ED6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk0mo0s5g2orESgwINtgws&google_cver=1

0
239 B

44ms
43ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk0mo0s5g2orESgwINtgws&google_cver=1
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk0mo0s5g2orESgwINtgws&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dcm
s.amazon-adsystem.com/ Frame ED6D 0
0

GET token
token.rubiconproject.com/ Frame ED6D 0
0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame ED6D 70 B
264 B 46ms
41ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 00:55:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A11D 33 KB
10 KB 45ms
44ms Script
text/html 23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b05dc79113456e63176177d2878daf6a1de8f1fd73a70e6362c11e4ae13dbd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2022 12:59:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43446
Connection: keep-alive
Content-Length: 9885
Expires: Mon, 07 Nov 2022 12:59:31 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A11D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=88f13056-c0f6-45ac-bc15-03baf473f259%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=886651f4-2d86-4996-a1b3-1a75e4fea152&l_pb_bid_id=38bd537eec0cb4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.1921016360116372

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHtmknS9J77YF0nMdiso3z8&google_cver=1&google_push=ASkJ3Fb07oNp74VaK_PgwaYB_g53fcBVmlQ2XuNMBLEI7Tj8TLjk5LycpUkv13BsGp7B_dcXoA0iwngyb2CrFO5NfkApm7mvkPE

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHtmknS9J77YF0nMdiso3z8&google_cver=1&google_push=ASkJ3FYVZxuQRilBRnkQWcSPiBOOsoiBwCmKX8L7fZ67QqCENB4IqncXRvdGHhDWsOvHenfw2B0k-yGHbllDh7J8_kOWG42MrbmT5Q

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=TGj6tHxhVzV3dmpWeUdPNGZCR3FlMVJTQ2U2N24vMUUycWI3NHBrNDdsZHRUSUhKb1dNNURkdFFvMHFkZ3lCYmIyWDFuYks5bFB5WEhtSzl0aUswZm9UcG54ZnU2d0NJOHE4ejNiQWZYVnVGS0NGdUUvVFNFakNJMStNRHBKU3FyNE03QjZXQ1hMRjkzTHRCL0J2U0NkY0dwVGZEbGJ4eHBKY1hicUxTenIzL091Qk1vaTVDSHVZTVl4Q3BJTUZCL24rNXRGMUs3Zno1M0tXa0xxa1UvemlXdjFuZzlXRGVsNUNacHpzbUNNd09LeThmNGZCU3NVcllKeExoUUhsbHJzRnNTfA&cppv=2

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=354&user_id=85ddaa7e36e745a4b1fb1122859e8875&ssp=themediagrid&bsw_param=4a0366a6-15f9-4555-824f-d04542524811&gdpr=0&consent=&gdpr_pd=&expires=7

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=TGj6tHxhVzV3dmpWeUdPNGZCR3FlMVJTQ2U2N24vMUUycWI3NHBrNDdsZHRUSUhKb1dNNURkdFFvMHFkZ3lCYmIyWDFuYks5bFB5WEhtSzl0aUswZm9UcG54ZnU2d0NJOHE4ejNiQWZYVnVGS0NGdUUvVFNFakNJMStNRHBKU3FyNE03QjZXQ1hMRjkzTHRCL0J2U0NkY0dwVGZEbGJ4eHBKY1hicUxTenIzL091Qk1vaTVDSHVZTVl4Q3BJTUZCL24rNXRGMUs3Zno1M0tXa0xxa1UvemlXdjFuZzlXRGVsNUNacHpzbUNNd09LeThmNGZCU3NVcllKeExoUUhsbHJzRnNTfA&cppv=2

Domain: dmp.v.fwmrm.net
URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361&s_h=1

Domain: mwzeom.zeotap.com
URL: https://mwzeom.zeotap.com/mw?webouuid=zaNRJzJjqnWL7UROjYfqse&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: cms.analytics.yahoo.com
URL: https://cms.analytics.yahoo.com/cms?partner_id=ZTAP

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: beacon.krxd.net
URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361

Domain: engine.widespace.com
URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: usermatch.krxd.net
URL: https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6da86a98-0371-4a87-6296-10316e5e1c79&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: tags.bluekai.com
URL: https://tags.bluekai.com/site/87734?id=6da86a98-0371-4a87-6296-10316e5e1c79&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
URL: https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/token?pid=41544&puid=6da86a98-0371-4a87-6296-10316e5e1c79&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=6da86a98-0371-4a87-6296-10316e5e1c79&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6da86a98-0371-4a87-6296-10316e5e1c79%26reqId%3Da5a4bd7a-3448-4020-4726-c876b70c59ce%26zdid%3D1361

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__

Domain: pool.admedo.com
URL: https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=b981e0ec-6af9-4915-87f7-1d5bcf69c02b

Domain: s.seedtag.com
URL: https://s.seedtag.com/cs/cookiesync/spotx?channeluid=dd94397f-5e36-11ed-8cea-1bbe6fc50406

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7185896234098286157

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=144B8434-3FC8-4550-920F-6FACB83B3751&redir=true&gdpr=0&gdpr_consent=&dcc=t

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdkNVN0cwSzhBQUNGU0J0V0U5QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2hXfQAGGcAxNQAr

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: matching.truffle.bid
URL: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: pixel-eu.onaudience.com
URL: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid

Domain: loada.exelator.com
URL: https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4417831177384936708&gdpr=0&gdpr_consent=&us_privacy=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: ads.playground.xyz
URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2hXe2RZyFwZ9VomfUGXEgAADPcAAAIB

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=68

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4345773583347008772

Domain: casale-match.dotomi.com
URL: https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1

Domain: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/119359/20220323/1076467707/69656689895315216/foreground.png

Domain: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=25470&gdpr=0

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=36584&gdpr=0

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LA62NHO3-24-IOL1

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhgalter.com.ua/	1970-01-20 07:59:34	Name: leads Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-11-07%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%226dcbd2a6-8900-4d65-9ad0-474d245ec33c%22%3B%7D%7D%7D
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: TyD9WUG Value: 1
.buhgalter.com.ua/	1970-01-20 16:52:22	Name: __fp2_f2 Value: Lm8EJaw5UUJhnE4B1QU6zJfAqj113v90
.buhgalter.com.ua/	1969-12-31 23:59:59	Name: kdmF9Qy Value: 1
.buhgalter.com.ua/	1970-01-20 16:52:22	Name: _faguid Value: Lm8EJaw5UUJhnE4B1QU6zJfAqj113v90
buhgalter.com.ua/	1970-01-20 07:20:41	Name: __factor_utm Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
buhgalter.com.ua/	1969-12-31 23:59:59	Name: pageCount Value: 2
.buhgalter.com.ua/	1970-01-20 16:52:22	Name: _ga_6VVQ37Y1T2 Value: GS1.1.1667782519.1.0.1667782519.60.0.0
.buhgalter.com.ua/	1970-01-20 16:52:22	Name: _ga Value: GA1.3.886186701.1667782520
.buhgalter.com.ua/	1970-01-20 07:17:48	Name: _gid Value: GA1.3.1730227377.1667782520
.buhgalter.com.ua/	1970-01-20 07:16:22	Name: _gat_gtag_UA_35985798_1 Value: 1
.buhgalter.com.ua/	1970-01-20 07:16:22	Name: _gat_UA-53572572-5 Value: 1
.buhgalter.com.ua/	1970-01-20 07:16:22	Name: _gat_UA-35985798-1 Value: 1
buhgalter.com.ua/	1970-01-20 16:52:22	Name: cbtYmTName Value: 9Y7XnJHXz9fDxcyWk8LCzZTGk8zFkcfD14jE
.buhgalter.com.ua/	1970-01-20 09:25:58	Name: _fbp Value: fb.2.1667782520050.534887747
buhgalter.com.ua/	1970-01-20 07:59:34	Name: _pbjs_userid_consent_data Value: 2024371239917068
.buhgalter.com.ua/	1970-01-20 16:01:58	Name: _pubcid Value: 88f13056-c0f6-45ac-bc15-03baf473f259
.doubleclick.net/	1970-01-20 16:37:58	Name: IDE Value: AHWqTUngHjKBKavjxedAcay3q2NArDEZaJVCZCGOLcTmoM6buEznT2SQTZ7mu9DMKSA
.buhgalter.com.ua/	1970-01-20 16:37:58	Name: __gads Value: ID=bb33f1411e745320:T=1667782520:S=ALNI_MauSNwu9NE4Cy5CXRSSRBhrgP2wGg
.buhgalter.com.ua/	1970-01-20 16:37:58	Name: __gpi Value: UID=00000b7daab5ced4:T=1667782520:RT=1667782520:S=ALNI_MbnUy3uRGi7_7zWH-NLjbOR7oUimA
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
a4p.adpartner.pro/	1970-01-20 08:42:46	Name: apuid Value: 53d07f38-a9f9-463a-96b4-ccde080678f4
loadercdn.net/	1970-01-20 16:52:22	Name: vui Value: f714625412d24438bab3224fd26c517a
.e-planning.net/	1970-01-20 16:52:22	Name: E Value: ANiCqF2daJXdyBYc
.mfadsrvr.com/	1970-01-20 16:52:22	Name: tuuid Value: 4bc5d70f-ba3d-4e84-970e-c8d441e962d4
.mfadsrvr.com/	1970-01-20 16:52:22	Name: c Value: 1667782520
.mfadsrvr.com/	1970-01-20 16:52:22	Name: tuuid_lu Value: 1667782520
.mfadsrvr.com/	1970-01-20 16:52:22	Name: ssh Value: !adtelligent,1667782520
.seedtag.com/	1970-01-20 16:01:58	Name: st_uid Value: 74128469-6a4e-4074-b3bb-745d90bf90b1
.seedtag.com/	1970-01-20 07:59:34	Name: st_ssp Value: Y291bnRyeV9uYW1lPVVuaXRlZCBLaW5nZG9tJmNvdW50cnlfaXNvMj1HQiZjb3VudHJ5X2lzbzM9R0JSJnJlZ2lvbl9uYW1lPU1hbmNoZXN0ZXImcmVnaW9uX2lzbzI9TUFOJmNpdHlfbmFtZT1NYW5jaGVzdGVyJmxvbmdpdHVkZT0tMi4zMTg2JmxhdGl0dWRlPTUzLjQ1MDcmemlwPU0zMg==
.adtelligent.com/	1970-01-20 08:45:39	Name: vmuid Value: ec662cdd9d15c7b5
.adtelligent.com/	1970-01-20 08:45:39	Name: a736011 Value: 4bc5d70f-ba3d-4e84-970e-c8d441e962d4
.adtelligent.com/	1970-01-20 08:45:39	Name: a307558 Value: 53d07f38-a9f9-463a-96b4-ccde080678f4
.rubiconproject.com/	1970-01-20 16:01:58	Name: khaos Value: LA62NHO3-24-IOL1
.rubiconproject.com/	1970-01-20 16:01:58	Name: audit Value: 1\|hLZGFuTafB1eNs+ZYNw/LFqbBgMWySGKoH1GQZR6kugTcNOBtGbweEY6IcV8BcE1e8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3vWRd+B4fy7Gma+WVcS1g3g==
.adnxs.com/	1970-01-20 09:25:58	Name: uuid2 Value: 545822583133375418
.casalemedia.com/	1970-01-20 16:01:58	Name: CMID Value: Y2hXe2RZyFwZ9VomfUGXEgAA
.casalemedia.com/	1970-01-20 09:25:58	Name: CMPS Value: 3319
.casalemedia.com/	1970-01-20 09:25:58	Name: CMPRO Value: 3319
.pubmatic.com/	1970-01-20 07:17:48	Name: KTPCACOOKIE Value: YES
.rlcdn.com/	1970-01-20 16:01:58	Name: rlas3 Value: iNBDUBWf3vzlbf9x1dVbI5O/DpsyAp5JQ903EI2he6Q=
.adnxs.com/	1970-01-20 09:25:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In?ra.N`!]tbPl1M>e)ZlrFUfJ+tGXxoPFp4*QQQMlXYMm?'<z`eN9#MI7b#rh[%^Uj?3If)y3KL9D3I?+e>+=[-
.pubmatic.com/	1970-01-20 09:25:58	Name: KADUSERCOOKIE Value: 144B8434-3FC8-4550-920F-6FACB83B3751
.rlcdn.com/	1970-01-20 08:42:46	Name: pxrc Value: CAA=
.innovid.com/	1970-01-20 09:25:58	Name: uuid Value: 096280c8-1603-4cd6-a0b2-ef22018ae395-20221106 19:55:23
.quantserve.com/	1970-01-20 09:25:58	Name: d Value: EH0BCQHCJ4EA
.quantserve.com/	1970-01-20 16:46:36	Name: mc Value: 6368577b-83e6f-a85e0-3331a
.casalemedia.com/	1970-01-20 09:25:58	Name: CMTS Value: 5174
m.exactag.com/	1970-01-20 09:25:58	Name: exactag_new_gk Value: e93d88ce867d40ac84a2bab53ae83318%7C06.01.2023%2000%3A55%3A23
m.exactag.com/	1970-01-20 11:35:34	Name: exactag_new_uk Value: 9cdd0db833ca4d1abea143cf967f7020%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: eb6c0e6c7258443fb680b182
.agkn.com/	1970-01-20 16:01:58	Name: ab Value: 0001%3AGSiCDHZZHkhO8wDbDvPCfreMLbYDYxBg
.agkn.com/	1970-01-20 16:01:58	Name: u Value: C\|0CEAq-xP7KvsT-wAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 16:46:36	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:46:36	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 07:59:34	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:59:34	Name: na_sr Value: 20221107
.dlx.addthis.com/	1970-01-20 07:16:22	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:59:34	Name: na_sc_e Value: 0
.serving-sys.com/	1970-01-20 09:25:58	Name: A6 Value: 10NfTjxPxT1005xi000010000
.serving-sys.com/	1970-01-20 09:25:58	Name: u2 Value: a6bb5c9e-436b-48e0-aa8f-ed2ef58b06624JD06g
.serving-sys.com/	1970-01-20 09:25:58	Name: eyeblaster Value: RES=32
.addthis.com/	1970-01-20 16:46:36	Name: na_id Value: 2022110700552400027652954958
.addthis.com/	1970-01-20 16:46:36	Name: uid Value: 6368577c979f1345
.addthis.com/	1970-01-20 16:46:36	Name: ouid Value: 6368577c0001d088b8d5bd203f93679463bddeed79eeaccaa546

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHtmknS9J77YF0nMdiso3z8&google_cver=1&google_push=ASkJ3Fb07oNp74VaK_PgwaYB_g53fcBVmlQ2XuNMBLEI7Tj8TLjk5LycpUkv13BsGp7B_dcXoA0iwngyb2CrFO5NfkApm7mvkPE Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHtmknS9J77YF0nMdiso3z8&google_cver=1&google_push=ASkJ3FYVZxuQRilBRnkQWcSPiBOOsoiBwCmKX8L7fZ67QqCENB4IqncXRvdGHhDWsOvHenfw2B0k-yGHbllDh7J8_kOWG42MrbmT5Q Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js(Line 117) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebHtml5Banner.js(Line 117) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6da86a98-0371-4a87-6296-10316e5e1c79?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6da86a98-0371-4a87-6296-10316e5e1c79&reqId=a5a4bd7a-3448-4020-4726-c876b70c59ce&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=38d6491fce05ef96/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYSQUWRbMjnaVnMRU Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=38d6491fce05ef96/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
analytics.factor.ua
ap.lijit.com
b1sync.zemanta.com
b421d36273e048925721661df0521728.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bs.serving-sys.com
buhgalter.com.ua
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cs.admanmedia.com
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
d.agkn.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsonip.com
lm.serving-sys.com
loada.exelator.com
loadercdn.net
loadeu.exelator.com
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
region1.analytics.google.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.seedtag.com
s.zmctrack.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.playground.xyz
b1sync.zemanta.com
beacon.krxd.net
casale-match.dotomi.com
ced-ns.sascdn.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
core.iprom.net
cs.admanmedia.com
dmp.v.fwmrm.net
dsum-sec.casalemedia.com
engine.widespace.com
fastlane.rubiconproject.com
googlecm.hit.gemius.pl
image2.pubmatic.com
loada.exelator.com
match.adsby.bidtheatre.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
s.amazon-adsystem.com
s.seedtag.com
secure-ds.serving-sys.com
simage2.pubmatic.com
ssc-cms.33across.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
usermatch.krxd.net
x.bidswitch.net
104.18.12.76
104.18.13.76
104.18.133.145
104.18.19.126
104.75.89.75
136.144.183.196
137.74.6.209
142.250.185.194
142.250.186.130
162.19.138.82
168.119.79.223
172.217.16.130
178.250.0.163
18.156.0.31
18.198.85.91
18.202.164.188
185.172.90.252
185.184.8.90
185.187.81.40
185.187.81.41
185.255.84.152
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.81
185.80.39.216
185.86.137.132
185.89.210.46
2.16.202.8
2001:4860:4802:34::36
213.19.147.45
213.202.235.8
216.58.212.130
23.35.236.188
23.79.143.124
2600:1f18:1aca:4282:68fb:6c08:1bca:4f5f
2600:3c01::f03c:91ff:fe79:43b
2600:9000:214f:be00:8:48e:53c0:93a1
2602:803:c004:200::141
2606:4700:10::ac43:db6
2606:4700::6810:5914
2606:4700:e2::ac40:850f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2006
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9d
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:26f0:3500:e::1732:835c
2a02:6ea0:c700::20
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:d29:3601:66b:1664:ed6:c452
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
2a0c:5c81:5142::2
3.122.209.252
3.124.32.217
3.248.126.7
3.65.142.183
3.67.210.236
3.73.221.153
34.149.50.64
34.91.62.186
34.98.64.218
34.98.67.61
35.214.236.176
35.227.248.159
35.227.252.103
35.244.174.68
35.71.131.137
37.157.4.28
37.157.6.245
37.157.6.247
45.133.44.3
45.133.44.4
51.89.9.251
52.17.139.148
52.28.203.152
52.48.219.191
54.78.254.47
62.149.1.122
66.155.71.150
69.173.144.138
72.251.245.179
72.251.249.9
85.114.159.118
88.221.168.166
88.221.168.201
95.170.82.90
96.16.141.156
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267
01af8f6778afe20575d3f80ed19d37651cb12d0fec740cc6bc9fcb2676361355
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
03ec2546ee47d60d8ef7dffdb2ee2b3a7782dd8d13e497474f2d181e5234109f
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
06bdd96bd20cf276fc8b35c8225617f5b09ba312b23cfe638179ceee57852390
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
08062237a2f036354dc3634789c4f19fb2a043eb270e11ef1cb973bfad05cae9
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad
096a1fd3254fc42817c4c633d6a201862b3712f06836041523a6de862d37875b
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0f6dea341f671dfd5961526e6dd9583053152e70daf083fe40616f3b8a3e3e92
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
11b8039f67c83221d338e7df04a5517d18c2bc1711d092633f902019ea0c700f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
18f6e3c3179bf84f07b30ca394e8605749cef60d91b0090ee9b76d68bfaa04d5
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e
2075b9bb7a326a93084593989a0edcaa4d64e579741df7efb8e842ee56930499
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
23e19e517b2d938bcf2fbfe1931148804a89822869068908e18c68015ad4f25f
24d18d4fc17a28fc09f962bae64be4acf0d0a38e6443ae308ad64eb1a22fe2ec
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b
28944c23ec8eef8e3f1bc3f8dc145623c5d7c10c7b8909006681229fb86687a8
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c
2ae0a454f7ab15c89d610835eea875e704173af6b217619762ff264cd8ac6dae
2b3eca61be6ce7f48f0438c9417cd36767ca6862f86e796cbc4dc0c95e0278f8
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2de059c14703eb5c8982ab9b19ee3af6e8c8206d776c065965cdbb465b2c6d84
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
3954c072b8ccae5186c1cecc9b6e4e1552d9dbb32a88fd772e4d354e61dc1bff
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3a2eb5bdd4ebebd44b01f9835c1558932f68cdf8794d5ff6f4ef88b988d20be2
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3bfefd3fa8a9a68e7088af73e972540f3523c55ce9bd208e6762453fd4db2acf
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c2b4bd6147e77fc433bf6b66fed2eeff9a78d0ba0f3e08cd9ebbf2b17be51dd
3c74cc19975b79ddaa3fb1eda4375e3f6f8b6e95280efa826485eacde38238f4
3ce0d69d0b69a5ed7af97608c6281574b2d47f354840b381be5a89dfffdfb152
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6ee7a2b9829027605dcd54b943d44244400a1bfb272ab4288ae4b5f128ead8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
42c805e59c5ad69eb13f463e81d6e5ccf411bab00019afbc36ecc387ee37756d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477f6940fb583ae0905ec9ecafb6487eac6bd16ab264572519030c25c5e4c4bf
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d82400221a897df3f8d39ab260b1ad8f6ed5b6be95182ce721ca2c0c9bf45be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e388fe3caca4cf58a303f6eccf2c2a25f6ca596d0f8cfabd87788dbe3095ee8
4e4070246112213095f9384e25a87d0c5b0ecf0ca21b51984e54a2fe79532448
4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
50112439d2836bd2c991492af692b8935bb06b6045855a60683474cd7b5558ec
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a
53f64343db1ef6abfd36c823fbf750323e5209120aa59a5ce50afccb3fb2dbd9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
571d98b8be6a0ea6d706616d281fd6e46b569e9432f0d8eb0e21cc9c64fce257
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0
5d9d6ec7c41585e96ab6ea96934ff2dd16785b537ee1e1c73cf9ea2fbf0979f0
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f
601eb4a892c3dc6894730d4256f914278188b7f7ffb209add115a3788b5afeee
60aa4db6d951ec9c250ec0907a1f93246e8f42a1cb7dd114242b8b7c52d78a8c
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
641ffe72873f12017fb86aaf780a09ec9a0b7ae276a83f5510960dba130eea47
65050eb8b9d9d8603c13cdb97ff40c7964893046ae304654feb30d98bc128647
651e95847f7d32216e1b69015c052faa01310a0fa73cd107220860fdfc20e406
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
65f7e6a5580a5777aa477f26640eecfe4ed9371d173ff7d1281c9cea1ae6cb31
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
678ebb4a2b5dd3d3e75cb750d6e4a22ec4cd79b5d4e8e0d53fe9e0ee06487ae8
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6b4a6f01c46aa35416cd318b384b92b49cb78e6de9aee2f81815d34a25bd5ca7
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba
6c7003d5cc097546b5da1801aec020dbb503041e72947eeb3be60dd5a36bb4db
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
72b9bf3b3da6ba394b7e713b6fd97541eee40888675ce352e13e572e671b69b1
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
76aca2a3a5554f3302fb8b7bf6db768cdddd1af7bcd81be8766d03528c39c58e
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
77e1eb556e5b144b37d63f8bb16ad5062fa01a55e003038c51464e2ba968b2df
7829988b563456c6175f01dfe2a83226f4f92e5c3375d380843538cd7025a6f9
797d07bd95a6bd28ccd62afa00442978b2e78874f385b12e235cb9fe4aa860e2
7b05dc79113456e63176177d2878daf6a1de8f1fd73a70e6362c11e4ae13dbd1
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7beefcfa4e4cc831fcf9a5ef7d9888980014d0f2a080b20c19149c375b7a310b
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
7dd25d04429575c13f1c5b0e13e65fa7bb8d8e2035fbe3194c5eecc7bfbb7f29
7dfb2782fc22e53f82323405ea2baf302699bebbbcbc9478b5e07c32c55ec3df
7e3f345722360a6c96af7d8f35e144da276dc894163a02d9b04031460b48c683
7fa2dc82324a628f7b1f6e555fc90d3cdc3f8a0cf20e727bfeb967d302b58cf5
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830c492faf4a8fd45323fc4cc866f1d5c77dd3d3d330a58842d1dd07fa6f2676
83303b6433a288df8cd75c5def273e30123f4aafb674b9d1c90c5b84273425d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835bde703fda03992fac1cdeaaa672dde40be8a46a68640bb7cfefa0639710ad
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
8598ebb5ec244f26b8b287ec7c79de0301a7f7d3b6b17ca7aa5099a10a64da49
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
886be91a01119208c9cc1a1ea2ed933d7c075f1d89659d21823d139f75507fa5
887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd
8a19f12b731e36db6d78c0455a6fb759cb4b1019efda788a89a6f748330e5fee
8beee01ceca9d3509ada8315d70063ff45e6ee95db336eb64d52b0358529fcc0
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90d8e64b860db5f3a92910feeb47cc539b732f1eb49376e448dd64e3f9013750
92eb1c91ff909f41d07610e54ff4a8b77c6a902b5189285294239013a0b8a5c5
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
94e8c846fd713c731a3025d03cb807b2c9b997d8be69d8745f04bf2d0ef8c573
96b81dae602788a05effa934ca7986ff554bd40697b49f0d074d8c52ede341b5
96d2e5e87903e7b623ab5286f09fa34daf4ed6dfa8af3efb1595c51121d9473b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
9954936e02b683773333025d253980050ceb542347cab9395912bb82f98ee147
9984a520fadf5c92540edcdd4e9df3b6632ae2a955b22bac81c7a0291aeba4df
9a14b4bf52d7468e62a119a2c783754e660ba698bd1ce349e145fd668a0013e0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9fff3be6850d99a91d7a75095d6f2da3acf82515afe7d12a8ae15471fdce69d0
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a27087d9a51e66b5379a365607065df4f882b9190c3217064a2efad7ba680e15
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a382434a37923931c10946c507330698902a876d4a9f27b2ab584ef51173a253
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a50ee0d7059bba0a551a747f51496dd950307b63b635a2350166414f015536e7
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a6e139420501c07877ec62682f783b60662ae4dc43f08c03fb16d7c45871981e
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b
a7db669654ce495a1fa505a2b97684211209182f7c103dae0c2f611c1020b1d2
a8080b77cc159de7699f27a85b3181b1eba0022951d1f7c63f315aa0a541b864
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
aa7d00eefe0b4610697ae7d4bdd52e0fcc48e82806bafb322e16e7ee66678ace
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
afaf0cc0324afcbb874fc9f5f09910b261023013f12f829f8cd0c30512af8dac
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4829d73b745a93b32e1968c6b61b82032df9ba4a68c0f9c1c6a1ef22fbf5950
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b9c462507a2e54f1df5dbb15250ef89ff0ef0220477f77bd52e259b8d1971227
baf4d1aa5f87c1d3b95173cfaf7c1be2abaf406aca3ed11992d59ed294ef31d2
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c06733a03fb7cb0388b93a06b06d4618cfcf471d73d2074b6053fe7e6f0d2f5c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c1657f7d278d39d8e8bf7041a3a49cb6f39b13119e388b8ffe6a4f94e9d97fbe
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63
cbaca2aafa611676af67c5d10f94ea9c2df49dafce60c1509a902a11e379161f
cc8fcdbed629aa9488b81150e46ef7ec1f7d0b46e387830c0a84b4fb12ca8d67
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d21e8ca19cb63cc85e4704f1921c06fd9e035f04b26e9c81f98361c3199d77ca
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d445f72c0b1f543531b8a607eb045b0a22521a33bc745e7db574822081a79365
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d4fd99fb81b7a54dde7ec7af98a536d555323b8c4445005fd82aeaa0351c975c
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d57d9b0ec43302abd831b7baa5dd82223b11d3691aa9d123e3c63a784a45d15d
d58e8b7666b75f5556fe47b27c5693ce54d432e3c493ab4a4ab58e10449587b1
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d70fcb40f836001ac6d087dd80390fa48bf954e337ea319064b798d9958d7c8f
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c
dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09
dc47f31e1c5dc6cc2efc59fbbe537072343769f8cf1378d7b0e110e4ad3b0892
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
dfa57ee471aa3e24aaf9c383ad55e34704fa0c0f6bc918413c6b57d13ed961cc
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c
e1425372c0bd837512dd7517bb0bc49739dbd3e61eb97a4ca4eb3b8aeae69b49
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2c212e12228ab63bc14f3eacae9780501d66b7cf9e981252b52ccfc65081b
e3d9de01673e8b1a30b38ff593b53f5d82833bcd0e8a6beaa4af6fca5c41c558
e4bc48c05d48842ca3875e39b1d070f10c579e57834e47494d27276af60ff2a6
e5b33f5be41fcd2f98f846f226216e57b5b86a3fd9bdda198bd36143fa282cc3
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
ec000cc0df2a0e65abe1a1fe11c547f7072bb92e52671bd741605634ac530d37
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330
f072e55945d5803dcfa7600a5bc425ed840ba977eb0f86abced0d1fc2bab7036
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f3813d6cc9470f8354e367fb821744433c87b1a5b269d2e4f60473570148cf40
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f44f1a0e536dcd68550cbdc4e2d3f900ef653c0baad9fc1933fabf2e057f250c
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
f862e8ce91086aaf218a7dad2ad925eda30a52e91352744b3a193e1a979b0a21
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f92dda6218c0a8ceaa30f15633b7b3487f85d15ad7c3e027178a044539e7c9c2
f9700993b93e875b84bcf02e5ed2be7f8a3d30f073c9ec929a00de192c247996
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fd159884459d6b0d0cb9173afc37b4ece971e711b3035ba95447f84acfa38ff5
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
fdffbf78abc7d7cda412843cc7a44689f1f03fa27c085e3246bd08975a906688
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

buhgalter.com.ua Open in urlscan Pro 136.144.183.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

460 Requests

78 %HTTPS

34 %IPv6

92 Domains

142 Subdomains

96 IPs

11 Countries

3280 kBTransfer

9095 kBSize

65 Cookies

14 Outgoing links

Page URL History

Redirected requests

460 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 88 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buhgalter.com.ua Open in urlscan Pro
136.144.183.196 Public Scan

Screenshot
Live screenshot

Full Image

460
Requests

78 %
HTTPS

34 %
IPv6

92
Domains

142
Subdomains

96
IPs

11
Countries

3280 kB
Transfer

9095 kB
Size

65
Cookies

460 HTTP transactions
88 data transactions